From 3334239609a3ddb19301e63fd4f3ba6df14eb941 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Mon, 28 Oct 2024 09:56:49 -0400 Subject: [PATCH 01/15] apk initial --- go.mod | 2 + go.sum | 4 + pkg/handlers/apk.go | 363 +++++++++++++++++++++++++++++++++++++++ pkg/handlers/handlers.go | 99 +++++++++++ 4 files changed, 468 insertions(+) create mode 100644 pkg/handlers/apk.go diff --git a/go.mod b/go.mod index 45b70a6a50ad..6d33e6024230 100644 --- a/go.mod +++ b/go.mod @@ -154,6 +154,7 @@ require ( github.com/apache/arrow/go/v14 v14.0.2 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/atotto/clipboard v0.1.4 // indirect + github.com/avast/apkparser v0.0.0-20240729092610-90591e0804ae // indirect github.com/aws/smithy-go v1.20.1 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/aymerick/douceur v0.2.0 // indirect @@ -179,6 +180,7 @@ require ( github.com/couchbase/goprotostellar v1.0.2 // indirect github.com/couchbaselabs/gocbconnstr/v2 v2.0.0-20240607131231-fb385523de28 // indirect github.com/cpuguy83/dockercfg v0.3.2 // indirect + github.com/csnewman/dextk v0.3.0 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/danieljoos/wincred v1.1.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect diff --git a/go.sum b/go.sum index a8859b417cc0..19ff6a474ade 100644 --- a/go.sum +++ b/go.sum @@ -149,6 +149,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4= github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= +github.com/avast/apkparser v0.0.0-20240729092610-90591e0804ae h1:rDNramK9mnAbvUBJyIRZnzHchM45cXexHIX9pS9da4Q= +github.com/avast/apkparser v0.0.0-20240729092610-90591e0804ae/go.mod h1:GNvprXNmXaDjpHmN3RFxz5QdK5VXTUvmQludCbjoBy4= github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/aws/smithy-go v1.20.1 h1:4SZlSlMr36UEqC7XOyRVb27XMeZubNcBNN+9IgEPIQw= @@ -249,6 +251,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/crewjam/rfc5424 v0.1.0 h1:MSeXJm22oKovLzWj44AHwaItjIMUMugYGkEzfa831H8= github.com/crewjam/rfc5424 v0.1.0/go.mod h1:RCi9M3xHVOeerf6ULZzqv2xOGRO/zYaVUeRyPnBW3gQ= +github.com/csnewman/dextk v0.3.0 h1:gigNZlZRNfCuARV7depunRlafEAzGhyvgBQo1FT3/0M= +github.com/csnewman/dextk v0.3.0/go.mod h1:FcDoI3258ea0KPQogyv4iazQRGcLFNOW+I4pHBUfNO0= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/danieljoos/wincred v1.1.2 h1:QLdCxFs1/Yl4zduvBdcHB8goaYk9RARS2SgLLRuAyr0= diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go new file mode 100644 index 000000000000..b6b3731c78f7 --- /dev/null +++ b/pkg/handlers/apk.go @@ -0,0 +1,363 @@ +package handlers + +import ( + "archive/zip" + "bytes" + "encoding/xml" + "errors" + "fmt" + "io" + "log" + "regexp" + "strings" + "time" + + dextk "github.com/csnewman/dextk" + + "github.com/avast/apkparser" + logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" +) + +// General Note: There are tools that can fully decompile an apk (e.g. jadx, apktool, etc.) +// However, none of these are in golang + they take awhile to run + +// they will decompile files that most likely don't contain secrets. So instead, we have a +// lightweight version that will search for secrets in the most common files that contain them. +// And run in a fraction of the time (ex: 15 seconds vs. 5 minutes) + +// ToDo: Scan nested APKs (aka XAPK files). ATM the archive.go file will skip over them. +// ToDo: Provide file location information to secret output. + +var ( + targetFileTypes = []string{".xml", ".dex", ".json"} + // Note: Only targeting xml, dex, and json files for now. This might need to be expanded. + // If expanding, ensure the processFile function is updated to handle the new file types. + targetInstructionTypes = []string{"const-string", "iput-object"} + // Note: We're only looking at `const-string` and `iput-objects` for now. This might need to be expanded. + // If expanding, ensure the formatInstruction function is updated to handle the relevant instructions. + // - const-string: loads a string into a register (value) + // - iput-object: stores a string into a field (key) +) + +// apkHandler handles apk archive formats. +type apkHandler struct{ *defaultHandler } + +// newapkHandler creates an apkHandler. +func newAPKHandler() *apkHandler { + return &apkHandler{defaultHandler: newDefaultHandler(apkHandlerType)} +} + +// HandleFile processes apk formatted files. +func (h *apkHandler) HandleFile(ctx logContext.Context, input fileReader) (chan []byte, error) { + apkChan := make(chan []byte, defaultBufferSize) + + go func() { + ctx, cancel := logContext.WithTimeout(ctx, maxTimeout) + defer cancel() + defer close(apkChan) + + // Update the metrics for the file processing. + start := time.Now() + var err error + defer func() { + h.measureLatencyAndHandleErrors(start, err) + h.metrics.incFilesProcessed() + }() + + // Defer a panic recovery to handle any panics that occur during the APK processing. + defer func() { + if r := recover(); r != nil { + // Return the panic as an error. + if e, ok := r.(error); ok { + err = e + } else { + err = fmt.Errorf("panic occurred: %v", r) + } + ctx.Logger().Error(err, "Panic occurred when reading apk archive") + } + }() + + if err = h.ProcessAPK(ctx, input, apkChan); err != nil { + ctx.Logger().Error(err, "error handling apk.") + } + }() + return apkChan, nil +} + +// processAPK processes the apk file and sends the extracted data to the provided channel. +func (h *apkHandler) ProcessAPK(ctx logContext.Context, input fileReader, apkChan chan []byte) error { + + // Create a ZIP reader from the input fileReader + zipReader, err := createZipReader(input) + if err != nil { + return err + } + + // Extract the resources.arsc file into a ResourceTable (needed for XML decoding) + resTable, err := parseResTable(zipReader) + if err != nil { + return err + } + + // Process the ResourceTable file for secrets + if err := h.processResources(ctx, resTable, apkChan); err != nil { + ctx.Logger().Error(err, "failed to process resources.arsc") + } + + // Process all xml, json and dex files for secrets + for _, file := range zipReader.File { + if hasSuffix(file.Name, targetFileTypes) { + if err := h.processFile(ctx, file, resTable, apkChan); err != nil { + ctx.Logger().Error(err, fmt.Sprintf("failed to process file: %s", file.Name)) + } + } + } + return nil +} + +// processResources processes the resources.arsc file and sends the extracted data to the provided channel. +func (h *apkHandler) processResources(ctx logContext.Context, resTable *apkparser.ResourceTable, apkChan chan []byte) error { + if resTable == nil { + return errors.New("ResourceTable is nil") + } + resourcesStrings, err := extractStringsFromResTable(resTable) + if err != nil { + return fmt.Errorf("failed to parse strings from resources.arsc: %w", err) + } + h.handleAPKFileContent(ctx, resourcesStrings, "resources.arsc", apkChan) + return nil +} + +// processFile processes the file and sends the extracted data to the provided channel. +func (h *apkHandler) processFile(ctx logContext.Context, file *zip.File, resTable *apkparser.ResourceTable, apkChan chan []byte) error { + data, err := readFile(file) + if err != nil { + return fmt.Errorf("failed to read file %s: %w", file.Name, err) + } + if len(data) == 0 { + return nil + } + + // Decode the file based on its extension + switch { + case strings.HasSuffix(file.Name, ".xml"): + xmlData, err := decodeXML(data, resTable) + if err != nil { + return fmt.Errorf("failed to decode xml file %s: %w", file.Name, err) + } + h.handleAPKFileContent(ctx, xmlData, file.Name, apkChan) + case strings.HasSuffix(file.Name, ".dex"): + dexStrings, err := decodeDexStrings(data) + if err != nil { + return fmt.Errorf("failed to decode dex file %s: %w", file.Name, err) + } + h.handleAPKFileContent(ctx, dexStrings, file.Name, apkChan) + case strings.HasSuffix(file.Name, ".json"): + h.handleAPKFileContent(ctx, string(data), file.Name, apkChan) + } + return nil +} + +// handleAPKFileContent sends the extracted data to the provided channel via the handleNonArchiveContent function. +// Reviewers Note: If there's a better way to handle this, please let me know. +func (h *apkHandler) handleAPKFileContent(ctx logContext.Context, data string, fileName string, apkChan chan []byte) { + r := mimeTypeReader{mimeExt: "", Reader: bytes.NewReader([]byte(data))} + + ctx = logContext.WithValues( + ctx, + "filename", fileName, + "size", len(data), + ) + + if err := h.handleNonArchiveContent(ctx, r, apkChan); err != nil { + ctx.Logger().Error(err, "error handling apk file") + } +} + +// createZipReader creates a new ZIP reader from the input fileReader. +func createZipReader(input fileReader) (*zip.Reader, error) { + size, err := input.Seek(0, io.SeekEnd) + if err != nil { + return nil, err + } + // Reset the reader position to the start + _, err = input.Seek(0, io.SeekStart) + if err != nil { + return nil, err + } + // Create a new ZIP reader for the data + zipReader, err := zip.NewReader(input, size) + if err != nil { + return nil, err + } + return zipReader, err +} + +// parseResTable parses the resources.arsc file and returns the ResourceTable. +func parseResTable(zipReader *zip.Reader) (*apkparser.ResourceTable, error) { + for _, file := range zipReader.File { + if file.Name == "resources.arsc" { + data, err := readFile(file) + if err != nil { + return nil, err + } + resTable, err := apkparser.ParseResourceTable(bytes.NewReader(data)) + if err != nil { + return nil, err + } + return resTable, nil + } + } + return nil, errors.New("resources.arsc file not found") +} + +// readFile reads the file from the zip archive and returns the data as a byte slice. +func readFile(file *zip.File) ([]byte, error) { + rc, err := file.Open() + if err != nil { + return nil, err + } + var buf bytes.Buffer + _, copyErr := io.Copy(&buf, rc) + rc.Close() // Close immediately after reading + if copyErr != nil { + return nil, copyErr + } + return buf.Bytes(), nil +} + +// hasSuffix checks if the name has any of the provided suffixes. +func hasSuffix(name string, suffixes []string) bool { + for _, suffix := range suffixes { + if strings.HasSuffix(name, suffix) { + return true + } + } + return false +} + +// hasSubstring checks if the string contains any of the provided substrings. +func hasSubstring(s string, substrings []string) bool { + for _, sub := range substrings { + if strings.Contains(s, sub) { + return true + } + } + return false +} + +// extractStringsFromResTable extracts the strings from the resources table +// Note: This is a hacky way to get the strings from the resources table +// APK strings are typically (always?) stored in the 0x7f000000-0x7fffffff range +// https://chromium.googlesource.com/chromium/src/+/master/build/android/docs/life_of_a_resource.md +func extractStringsFromResTable(resTable *apkparser.ResourceTable) (string, error) { + var resourceStrings string + inStrings := false + for i := 0x7f000000; i <= 0x7fffffff; i++ { + entry, _ := resTable.GetResourceEntry(uint32(i)) + if entry == nil { + continue + } + if entry.ResourceType == "string" { + inStrings = true + val, err := entry.GetValue().String() + if err != nil { + return "", err + } + resourceStrings += fmt.Sprintf("%s: %s\n", entry.Key, val) + } + // Exit the loop if we've finished processing the strings + if inStrings && entry.ResourceType != "string" { + break + } + } + return resourceStrings, nil +} + +// decodeDexStrings decodes the dex file and returns the string representation of the instructions +func decodeDexStrings(data []byte) (string, error) { + // Read in dex file + f := bytes.NewReader(data) + r, err := dextk.Read(f) + if err != nil { + log.Panicln(err) + } + + // Get strings from the dex file + var dexOutput strings.Builder + ci := r.ClassIter() + for ci.HasNext() { + node, err := ci.Next() + if err != nil { + break + } + + for _, method := range node.DirectMethods { + out, err := processDexMethod(r, method) + if err != nil { + return "", err + } + dexOutput.WriteString(out) + } + + for _, method := range node.VirtualMethods { + out, err := processDexMethod(r, method) + if err != nil { + return "", err + } + dexOutput.WriteString(out) + } + } + return dexOutput.String(), nil +} + +// processDexMethod processes a dex method and returns the string representation of the instruction +func processDexMethod(r *dextk.Reader, m dextk.MethodNode) (string, error) { + if m.CodeOff == 0 { + return "", nil + } + + c, err := r.ReadCodeAndParse(m.CodeOff) + if err != nil { + return "", err + } + + var s strings.Builder + for _, o := range c.Ops { + if hasSubstring(o.String(), targetInstructionTypes) { + s.WriteString(fmt.Sprintf("%s\n", formatInstruction(o.String()))) + } + } + return s.String(), nil +} + +// formatInstruction removes unnecessary information from the dex instruction +// Note: This is critical for ensuring secret + keyword are in close proximity. +// If we expand the instructions we're looking at, this function will need to be updated. +func formatInstruction(line string) string { + reFieldPrefix := regexp.MustCompile(`iput-object obj=\d+ field=com/[a-zA-Z0-9/_]+:`) + reTypeSuffix := regexp.MustCompile(`Ljava/lang/String; src=\d+`) + reConstString := regexp.MustCompile(`const-string dst=\d+`) + + line = reFieldPrefix.ReplaceAllString(line, "") + line = reTypeSuffix.ReplaceAllString(line, "") + line = reConstString.ReplaceAllString(line, "") + return line +} + +func decodeXML(xmlData []byte, resTable *apkparser.ResourceTable) (string, error) { + // Create a buffer to store the formatted XML data + var buf bytes.Buffer + enc := xml.NewEncoder(&buf) + + // Parse the XML data using the apkparser library + resource table + rdr := bytes.NewReader(xmlData) + err := apkparser.ParseXml(rdr, enc, resTable) + if err != nil { + // If the error is due to plaintext XML, return the plaintext XML stringified + if err.Error() == "xml is in plaintext, binary form expected" { + return string(xmlData), nil + } + return "", err + } + return buf.String(), nil +} diff --git a/pkg/handlers/handlers.go b/pkg/handlers/handlers.go index 1b91a5ec2978..d1dc74a0d4ee 100644 --- a/pkg/handlers/handlers.go +++ b/pkg/handlers/handlers.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "io" + "path/filepath" "time" "github.com/gabriel-vasile/mimetype" @@ -12,6 +13,7 @@ import ( logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/iobuf" + "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/sources" ) @@ -157,6 +159,7 @@ const ( archiveHandlerType handlerType = "archive" arHandlerType handlerType = "ar" rpmHandlerType handlerType = "rpm" + apkHandlerType handlerType = "apk" defaultHandlerType handlerType = "default" ) @@ -192,6 +195,7 @@ const ( pyScriptMime mimeType = "application/x-script.python" tclTextMime mimeType = "text/x-tcl" tclMime mimeType = "application/x-tcl" + apkMime mimeType = "application/vnd.android.package-archive" ) // skipArchiverMimeTypes is a set of MIME types that should bypass archiver library processing because they are either @@ -226,6 +230,7 @@ var skipArchiverMimeTypes = map[mimeType]struct{}{ pyScriptMime: {}, tclTextMime: {}, tclMime: {}, + apkMime: {}, } // selectHandler dynamically selects and configures a FileHandler based on the provided |mimetype| type and archive flag. @@ -233,6 +238,7 @@ var skipArchiverMimeTypes = map[mimeType]struct{}{ // This method uses specialized handlers for specific file types: // - arHandler is used for Unix archives and Debian packages ('arMime', 'unixArMime', and 'debMime'). // - rpmHandler is used for RPM and CPIO archives ('rpmMime' and 'cpioMime'). +// - apkHandler is used for APK archives ('apkMime'). // - archiveHandler is used for common archive formats supported by the archiver library (.zip, .tar, .gz, etc.). // - defaultHandler is used for non-archive files. // The selected handler is then returned, ready to handle the file according to its specific format and requirements. @@ -242,6 +248,8 @@ func selectHandler(mimeT mimeType, isGenericArchive bool) FileHandler { return newARHandler() case rpmMime, cpioMime: return newRPMHandler() + case apkMime: + return newAPKHandler() default: if isGenericArchive { return newArchiveHandler() @@ -303,6 +311,19 @@ func HandleFile( return nil } + // If the file is an 'application/jar' or "application/zip" file, check filename for the .apk extension. + // This logic can't live inside the newReader() function b/c we don't have access to the filename. + // If we want to detect based on file contents instead, we need to read the file directory and look for + // the AndroidManifest.xml and resources.arsc files. + if mimeT == "application/jar" || mimeT == "application/zip" { + ext := getFileExtension(chunkSkel) + if ext == ".apk" { + fmt.Println("APK file detected by extension") + mimeT = apkMime + ctx = logContext.WithValues(ctx, "mime", mimeT) + } + } + processingCtx, cancel := logContext.WithTimeout(ctx, maxTimeout) defer cancel() @@ -346,3 +367,81 @@ func handleChunks( } } } + +// getFileExtension extracts the file extension from the chunk's SourceMetadata. +// It considers all sources defined in the MetaData message. +// Note: Probably should add this as a method to the source_metadatapb object. +// then it'd just be chunkSkel.SourceMetadata.GetFileExtension() +func getFileExtension(chunkSkel *sources.Chunk) string { + if chunkSkel == nil || chunkSkel.SourceMetadata == nil { + return "" + } + + var fileName string + + // Inspect the SourceMetadata to determine the source type + switch metadata := chunkSkel.SourceMetadata.Data.(type) { + case *source_metadatapb.MetaData_Artifactory: + fileName = metadata.Artifactory.Path + case *source_metadatapb.MetaData_Azure: + fileName = metadata.Azure.File + case *source_metadatapb.MetaData_AzureRepos: + fileName = metadata.AzureRepos.File + case *source_metadatapb.MetaData_Bitbucket: + fileName = metadata.Bitbucket.File + case *source_metadatapb.MetaData_Buildkite: + fileName = metadata.Buildkite.Link + case *source_metadatapb.MetaData_Circleci: + fileName = metadata.Circleci.Link + case *source_metadatapb.MetaData_Confluence: + fileName = metadata.Confluence.File + case *source_metadatapb.MetaData_Docker: + fileName = metadata.Docker.File + case *source_metadatapb.MetaData_Ecr: + fileName = metadata.Ecr.File + case *source_metadatapb.MetaData_Filesystem: + fileName = metadata.Filesystem.File + case *source_metadatapb.MetaData_Git: + fileName = metadata.Git.File + case *source_metadatapb.MetaData_Github: + fileName = metadata.Github.File + case *source_metadatapb.MetaData_Gitlab: + fileName = metadata.Gitlab.File + case *source_metadatapb.MetaData_Gcs: + fileName = metadata.Gcs.Filename + case *source_metadatapb.MetaData_GoogleDrive: + fileName = metadata.GoogleDrive.File + case *source_metadatapb.MetaData_Huggingface: + fileName = metadata.Huggingface.File + case *source_metadatapb.MetaData_Jira: + fileName = metadata.Jira.Link + case *source_metadatapb.MetaData_Jenkins: + fileName = metadata.Jenkins.Link + case *source_metadatapb.MetaData_Npm: + fileName = metadata.Npm.File + case *source_metadatapb.MetaData_Pypi: + fileName = metadata.Pypi.File + case *source_metadatapb.MetaData_S3: + fileName = metadata.S3.File + case *source_metadatapb.MetaData_Slack: + fileName = metadata.Slack.File + case *source_metadatapb.MetaData_Sharepoint: + fileName = metadata.Sharepoint.Link + case *source_metadatapb.MetaData_Gerrit: + fileName = metadata.Gerrit.File + case *source_metadatapb.MetaData_Test: + fileName = metadata.Test.File + case *source_metadatapb.MetaData_Teams: + fileName = metadata.Teams.File + case *source_metadatapb.MetaData_TravisCI: + fileName = metadata.TravisCI.Link + // Add other sources if they have a file or equivalent field + // Skipping Syslog, Forager, Postman, Vector, Webhook and Elasticsearch + default: + return "" + } + + // Use filepath.Ext to extract the file extension from the file name + ext := filepath.Ext(fileName) + return ext +} From 5efbacdc3768f71e0a416944189f3555f4740556 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Mon, 28 Oct 2024 15:52:21 -0400 Subject: [PATCH 02/15] added a couple tests --- pkg/handlers/apk.go | 4 +- pkg/handlers/apk_test.go | 87 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+), 2 deletions(-) create mode 100644 pkg/handlers/apk_test.go diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index b6b3731c78f7..178e1d4bfa34 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -76,7 +76,7 @@ func (h *apkHandler) HandleFile(ctx logContext.Context, input fileReader) (chan } }() - if err = h.ProcessAPK(ctx, input, apkChan); err != nil { + if err = h.processAPK(ctx, input, apkChan); err != nil { ctx.Logger().Error(err, "error handling apk.") } }() @@ -84,7 +84,7 @@ func (h *apkHandler) HandleFile(ctx logContext.Context, input fileReader) (chan } // processAPK processes the apk file and sends the extracted data to the provided channel. -func (h *apkHandler) ProcessAPK(ctx logContext.Context, input fileReader, apkChan chan []byte) error { +func (h *apkHandler) processAPK(ctx logContext.Context, input fileReader, apkChan chan []byte) error { // Create a ZIP reader from the input fileReader zipReader, err := createZipReader(input) diff --git a/pkg/handlers/apk_test.go b/pkg/handlers/apk_test.go new file mode 100644 index 000000000000..7af7236950b4 --- /dev/null +++ b/pkg/handlers/apk_test.go @@ -0,0 +1,87 @@ +package handlers + +import ( + "io" + "net/http" + "regexp" + "strings" + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/trufflesecurity/trufflehog/v3/pkg/context" + logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" +) + +func TestAPKHandler(t *testing.T) { + tests := map[string]struct { + archiveURL string + expectedChunks int + expectedSecrets int + matchString string + expectErr bool + }{ + "apk_with_3_leaked_keys": { + "https://github.com/joeleonjr/leakyAPK/raw/refs/heads/main/aws_leak.apk", + 401, + 3, + "AKIA2UC3BSXMLSCLTUUS", + false, + }, + } + + for name, testCase := range tests { + t.Run(name, func(t *testing.T) { + resp, err := http.Get(testCase.archiveURL) + assert.NoError(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) + defer resp.Body.Close() + + handler := newAPKHandler() + + newReader, err := newFileReader(resp.Body) + if err != nil { + t.Errorf("error creating reusable reader: %s", err) + } + defer newReader.Close() + + archiveChan, err := handler.HandleFile(logContext.Background(), newReader) + if testCase.expectErr { + assert.NoError(t, err) + return + } + + chunkCount := 0 + secretCount := 0 + re := regexp.MustCompile(testCase.matchString) + matched := false + for chunk := range archiveChan { + chunkCount++ + if re.Match(chunk) { + secretCount++ + matched = true + } + } + + assert.True(t, matched) + assert.Equal(t, testCase.expectedChunks, chunkCount) + assert.Equal(t, testCase.expectedSecrets, secretCount) + }) + } +} + +func TestOpenInvalidAPK(t *testing.T) { + reader := strings.NewReader("invalid apk") + + ctx := logContext.AddLogger(context.Background()) + handler := apkHandler{} + + rdr, err := newFileReader(io.NopCloser(reader)) + assert.NoError(t, err) + defer rdr.Close() + + archiveChan := make(chan []byte) + + err = handler.processAPK(ctx, rdr, archiveChan) + assert.Error(t, err) +} From 3133d4d9263375f97a3a3a1dc7f13c2fe238e7c5 Mon Sep 17 00:00:00 2001 From: joeleonjr <20135619+joeleonjr@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:53:37 -0400 Subject: [PATCH 03/15] Update pkg/handlers/handlers.go Co-authored-by: Richard Gomez <32133502+rgmz@users.noreply.github.com> --- pkg/handlers/handlers.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/handlers/handlers.go b/pkg/handlers/handlers.go index d1dc74a0d4ee..1f96b1f2033a 100644 --- a/pkg/handlers/handlers.go +++ b/pkg/handlers/handlers.go @@ -318,7 +318,7 @@ func HandleFile( if mimeT == "application/jar" || mimeT == "application/zip" { ext := getFileExtension(chunkSkel) if ext == ".apk" { - fmt.Println("APK file detected by extension") + ctx.Logger().V(3).Info("APK file detected by extension", "extension", ext) mimeT = apkMime ctx = logContext.WithValues(ctx, "mime", mimeT) } From 3b15fbbd64a5f339497c1e895f8ca6cd4ea2f36d Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Tue, 29 Oct 2024 09:49:33 -0400 Subject: [PATCH 04/15] updating log status --- pkg/handlers/apk.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 178e1d4bfa34..32b021a512b2 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -107,7 +107,7 @@ func (h *apkHandler) processAPK(ctx logContext.Context, input fileReader, apkCha for _, file := range zipReader.File { if hasSuffix(file.Name, targetFileTypes) { if err := h.processFile(ctx, file, resTable, apkChan); err != nil { - ctx.Logger().Error(err, fmt.Sprintf("failed to process file: %s", file.Name)) + ctx.Logger().V(2).Info(fmt.Sprintf("failed to process file: %s", file.Name), "error", err) } } } From c99a4dcf01b08035ee7d2373df4d2a5040b10d98 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Wed, 30 Oct 2024 11:22:55 -0400 Subject: [PATCH 05/15] refactored + added new integration test --- pkg/handlers/apk.go | 187 ++++++++++++++++++++------------------- pkg/handlers/apk_test.go | 27 +++++- 2 files changed, 120 insertions(+), 94 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 32b021a512b2..12044c155e6e 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "io" - "log" "regexp" "strings" "time" @@ -28,14 +27,15 @@ import ( // ToDo: Provide file location information to secret output. var ( - targetFileTypes = []string{".xml", ".dex", ".json"} - // Note: Only targeting xml, dex, and json files for now. This might need to be expanded. - // If expanding, ensure the processFile function is updated to handle the new file types. targetInstructionTypes = []string{"const-string", "iput-object"} // Note: We're only looking at `const-string` and `iput-objects` for now. This might need to be expanded. - // If expanding, ensure the formatInstruction function is updated to handle the relevant instructions. + // If expanding, update precompiled REGEX below + update the formatInstruction function. // - const-string: loads a string into a register (value) // - iput-object: stores a string into a field (key) + reFieldPrefix = regexp.MustCompile(`iput-object obj=\d+ field=com/[a-zA-Z0-9/_]+:`) + reTypeSuffix = regexp.MustCompile(`Ljava/lang/String; src=\d+`) + reConstString = regexp.MustCompile(`const-string dst=\d+`) + // Precompiling regexes for performance ) // apkHandler handles apk archive formats. @@ -103,12 +103,10 @@ func (h *apkHandler) processAPK(ctx logContext.Context, input fileReader, apkCha ctx.Logger().Error(err, "failed to process resources.arsc") } - // Process all xml, json and dex files for secrets + // Process all files for secrets for _, file := range zipReader.File { - if hasSuffix(file.Name, targetFileTypes) { - if err := h.processFile(ctx, file, resTable, apkChan); err != nil { - ctx.Logger().V(2).Info(fmt.Sprintf("failed to process file: %s", file.Name), "error", err) - } + if err := h.processFile(ctx, file, resTable, apkChan); err != nil { + ctx.Logger().V(2).Info(fmt.Sprintf("failed to process file: %s", file.Name), "error", err) } } return nil @@ -119,58 +117,58 @@ func (h *apkHandler) processResources(ctx logContext.Context, resTable *apkparse if resTable == nil { return errors.New("ResourceTable is nil") } - resourcesStrings, err := extractStringsFromResTable(resTable) + rscStrRdr, err := extractStringsFromResTable(resTable) if err != nil { return fmt.Errorf("failed to parse strings from resources.arsc: %w", err) } - h.handleAPKFileContent(ctx, resourcesStrings, "resources.arsc", apkChan) + h.handleAPKFileContent(ctx, rscStrRdr, "resources.arsc", apkChan) return nil } // processFile processes the file and sends the extracted data to the provided channel. func (h *apkHandler) processFile(ctx logContext.Context, file *zip.File, resTable *apkparser.ResourceTable, apkChan chan []byte) error { - data, err := readFile(file) + // check if the file is empty + if file.UncompressedSize64 == 0 { + return nil + } + + // Read the file data + rdr, err := readFile(file) if err != nil { return fmt.Errorf("failed to read file %s: %w", file.Name, err) } - if len(data) == 0 { - return nil - } + defer rdr.Close() // Decode the file based on its extension switch { case strings.HasSuffix(file.Name, ".xml"): - xmlData, err := decodeXML(data, resTable) + xmlRdr, err := decodeXML(rdr, resTable) if err != nil { return fmt.Errorf("failed to decode xml file %s: %w", file.Name, err) } - h.handleAPKFileContent(ctx, xmlData, file.Name, apkChan) + return h.handleAPKFileContent(ctx, xmlRdr, file.Name, apkChan) case strings.HasSuffix(file.Name, ".dex"): - dexStrings, err := decodeDexStrings(data) + dexRdr, err := processDexFile(ctx, rdr) if err != nil { return fmt.Errorf("failed to decode dex file %s: %w", file.Name, err) } - h.handleAPKFileContent(ctx, dexStrings, file.Name, apkChan) - case strings.HasSuffix(file.Name, ".json"): - h.handleAPKFileContent(ctx, string(data), file.Name, apkChan) + return h.handleAPKFileContent(ctx, dexRdr, file.Name, apkChan) + default: + return h.handleAPKFileContent(ctx, rdr, file.Name, apkChan) } - return nil } // handleAPKFileContent sends the extracted data to the provided channel via the handleNonArchiveContent function. -// Reviewers Note: If there's a better way to handle this, please let me know. -func (h *apkHandler) handleAPKFileContent(ctx logContext.Context, data string, fileName string, apkChan chan []byte) { - r := mimeTypeReader{mimeExt: "", Reader: bytes.NewReader([]byte(data))} - +func (h *apkHandler) handleAPKFileContent(ctx logContext.Context, rdr io.Reader, fileName string, apkChan chan []byte) error { + mimeReader, err := newMimeTypeReader(rdr) + if err != nil { + return fmt.Errorf("failed to create mimeTypeReader for file %s: %w", fileName, err) + } ctx = logContext.WithValues( ctx, "filename", fileName, - "size", len(data), ) - - if err := h.handleNonArchiveContent(ctx, r, apkChan); err != nil { - ctx.Logger().Error(err, "error handling apk file") - } + return h.handleNonArchiveContent(ctx, mimeReader, apkChan) } // createZipReader creates a new ZIP reader from the input fileReader. @@ -196,43 +194,30 @@ func createZipReader(input fileReader) (*zip.Reader, error) { func parseResTable(zipReader *zip.Reader) (*apkparser.ResourceTable, error) { for _, file := range zipReader.File { if file.Name == "resources.arsc" { - data, err := readFile(file) + rdr, err := readFile(file) if err != nil { return nil, err } - resTable, err := apkparser.ParseResourceTable(bytes.NewReader(data)) + defer rdr.Close() + + resTable, err := apkparser.ParseResourceTable(rdr) if err != nil { return nil, err } return resTable, nil } } - return nil, errors.New("resources.arsc file not found") + return nil, errors.New("resources.arsc file not found in the APK archive") } -// readFile reads the file from the zip archive and returns the data as a byte slice. -func readFile(file *zip.File) ([]byte, error) { +// readFile reads the file from the zip archive and returns the data as an io.ReadCloser +// Note: responsibility of calling function to close the reader +func readFile(file *zip.File) (io.ReadCloser, error) { rc, err := file.Open() if err != nil { return nil, err } - var buf bytes.Buffer - _, copyErr := io.Copy(&buf, rc) - rc.Close() // Close immediately after reading - if copyErr != nil { - return nil, copyErr - } - return buf.Bytes(), nil -} - -// hasSuffix checks if the name has any of the provided suffixes. -func hasSuffix(name string, suffixes []string) bool { - for _, suffix := range suffixes { - if strings.HasSuffix(name, suffix) { - return true - } - } - return false + return rc, nil } // hasSubstring checks if the string contains any of the provided substrings. @@ -249,8 +234,8 @@ func hasSubstring(s string, substrings []string) bool { // Note: This is a hacky way to get the strings from the resources table // APK strings are typically (always?) stored in the 0x7f000000-0x7fffffff range // https://chromium.googlesource.com/chromium/src/+/master/build/android/docs/life_of_a_resource.md -func extractStringsFromResTable(resTable *apkparser.ResourceTable) (string, error) { - var resourceStrings string +func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, error) { + var resourceStrings bytes.Buffer inStrings := false for i := 0x7f000000; i <= 0x7fffffff; i++ { entry, _ := resTable.GetResourceEntry(uint32(i)) @@ -261,57 +246,74 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (string, erro inStrings = true val, err := entry.GetValue().String() if err != nil { - return "", err + return nil, err + } + // Write directly to the buffer + _, err = resourceStrings.WriteString(fmt.Sprintf("%s: %s\n", entry.Key, val)) + if err != nil { + return nil, err } - resourceStrings += fmt.Sprintf("%s: %s\n", entry.Key, val) } // Exit the loop if we've finished processing the strings if inStrings && entry.ResourceType != "string" { break } } - return resourceStrings, nil + return &resourceStrings, nil } -// decodeDexStrings decodes the dex file and returns the string representation of the instructions -func decodeDexStrings(data []byte) (string, error) { - // Read in dex file - f := bytes.NewReader(data) - r, err := dextk.Read(f) +// processDexFile decodes the dex file and returns the relevant instructions +func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { + // dextk.Read() requires an io.ReaderAt interface, + // so we first convert the reader to a byte slice + data, err := io.ReadAll(rdr) if err != nil { - log.Panicln(err) + return nil, err } + bytesRdr := bytes.NewReader(data) - // Get strings from the dex file - var dexOutput strings.Builder - ci := r.ClassIter() + // Read the dex file + dexReader, err := dextk.Read(bytesRdr) + if err != nil { + return nil, err + } + + // Get relevant instruction data from the dex file + var dexOutput bytes.Buffer + ci := dexReader.ClassIter() for ci.HasNext() { node, err := ci.Next() if err != nil { break } + processDexClass(ctx, dexReader, node, &dexOutput) + } + return &dexOutput, nil +} - for _, method := range node.DirectMethods { - out, err := processDexMethod(r, method) - if err != nil { - return "", err - } - dexOutput.WriteString(out) - } +// processDexClass processes a single class node's methods +func processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk.ClassNode, dexOutput *bytes.Buffer) { + // Process Direct Methods + processDexMethod(ctx, dexReader, node.DirectMethods, dexOutput) + // Process Virtual Methods + processDexMethod(ctx, dexReader, node.VirtualMethods, dexOutput) +} - for _, method := range node.VirtualMethods { - out, err := processDexMethod(r, method) - if err != nil { - return "", err - } - dexOutput.WriteString(out) +// processDexMethod iterates over a slice of methods, processes each method, +// handles errors, and writes the output to dexOutput. +func processDexMethod(ctx logContext.Context, dexReader *dextk.Reader, methods []dextk.MethodNode, dexOutput *bytes.Buffer) { + for _, method := range methods { + out, err := parseDexInstructions(dexReader, method) + if err != nil { + ctx.Logger().V(2).Info("failed to process dex method", "error", err) + continue // Continue processing other methods even if one fails } + dexOutput.WriteString(out) } - return dexOutput.String(), nil } -// processDexMethod processes a dex method and returns the string representation of the instruction -func processDexMethod(r *dextk.Reader, m dextk.MethodNode) (string, error) { +// parseDexInstructions processes a dex method and returns the string representation of the instruction +func parseDexInstructions(r *dextk.Reader, m dextk.MethodNode) (string, error) { if m.CodeOff == 0 { return "", nil } @@ -334,30 +336,29 @@ func processDexMethod(r *dextk.Reader, m dextk.MethodNode) (string, error) { // Note: This is critical for ensuring secret + keyword are in close proximity. // If we expand the instructions we're looking at, this function will need to be updated. func formatInstruction(line string) string { - reFieldPrefix := regexp.MustCompile(`iput-object obj=\d+ field=com/[a-zA-Z0-9/_]+:`) - reTypeSuffix := regexp.MustCompile(`Ljava/lang/String; src=\d+`) - reConstString := regexp.MustCompile(`const-string dst=\d+`) - line = reFieldPrefix.ReplaceAllString(line, "") line = reTypeSuffix.ReplaceAllString(line, "") line = reConstString.ReplaceAllString(line, "") return line } -func decodeXML(xmlData []byte, resTable *apkparser.ResourceTable) (string, error) { +func decodeXML(rdr io.ReadCloser, resTable *apkparser.ResourceTable) (io.Reader, error) { // Create a buffer to store the formatted XML data var buf bytes.Buffer enc := xml.NewEncoder(&buf) // Parse the XML data using the apkparser library + resource table - rdr := bytes.NewReader(xmlData) err := apkparser.ParseXml(rdr, enc, resTable) if err != nil { // If the error is due to plaintext XML, return the plaintext XML stringified if err.Error() == "xml is in plaintext, binary form expected" { - return string(xmlData), nil + xmlData, readErr := io.ReadAll(rdr) + if readErr != nil { + return nil, readErr + } + return bytes.NewReader(xmlData), nil } - return "", err + return nil, err } - return buf.String(), nil + return &buf, nil } diff --git a/pkg/handlers/apk_test.go b/pkg/handlers/apk_test.go index 7af7236950b4..135885c1cbf4 100644 --- a/pkg/handlers/apk_test.go +++ b/pkg/handlers/apk_test.go @@ -83,5 +83,30 @@ func TestOpenInvalidAPK(t *testing.T) { archiveChan := make(chan []byte) err = handler.processAPK(ctx, rdr, archiveChan) - assert.Error(t, err) + assert.Contains(t, err.Error(), "zip: not a valid zip file") +} + +func TestOpenValidZipInvalidAPK(t *testing.T) { + // Grabbed from archive_test.go + validZipURL := "https://raw.githubusercontent.com/bill-rich/bad-secrets/master/aws-canary-creds.zip" + + resp, err := http.Get(validZipURL) + assert.NoError(t, err) + assert.Equal(t, http.StatusOK, resp.StatusCode) + defer resp.Body.Close() + + handler := newAPKHandler() + + newReader, err := newFileReader(resp.Body) + if err != nil { + t.Errorf("error creating reusable reader: %s", err) + } + assert.NoError(t, err) + defer newReader.Close() + + archiveChan := make(chan []byte) + ctx := logContext.AddLogger(context.Background()) + + err = handler.processAPK(ctx, newReader, archiveChan) + assert.Contains(t, err.Error(), "resources.arsc file not found") } From 21d0312f80ace53b0662d795317780fb30e2bdef Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Wed, 30 Oct 2024 12:13:05 -0400 Subject: [PATCH 06/15] updated test --- pkg/handlers/apk_test.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkg/handlers/apk_test.go b/pkg/handlers/apk_test.go index 135885c1cbf4..a53cbf3b77d2 100644 --- a/pkg/handlers/apk_test.go +++ b/pkg/handlers/apk_test.go @@ -23,8 +23,10 @@ func TestAPKHandler(t *testing.T) { }{ "apk_with_3_leaked_keys": { "https://github.com/joeleonjr/leakyAPK/raw/refs/heads/main/aws_leak.apk", - 401, - 3, + 499, + // Note: the secret count is 4 instead of 3 b/c we're not actually running the secret detection engine, + // we're just looking for a string match. There is one extra string match in the APK (but only 3 detected secrets). + 4, "AKIA2UC3BSXMLSCLTUUS", false, }, From a8276d080516efdbb5f330e547735ef7cadf5f2f Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Wed, 30 Oct 2024 12:33:41 -0400 Subject: [PATCH 07/15] fixed linting error --- pkg/handlers/apk.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 12044c155e6e..f016d033ba6f 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -121,8 +121,7 @@ func (h *apkHandler) processResources(ctx logContext.Context, resTable *apkparse if err != nil { return fmt.Errorf("failed to parse strings from resources.arsc: %w", err) } - h.handleAPKFileContent(ctx, rscStrRdr, "resources.arsc", apkChan) - return nil + return h.handleAPKFileContent(ctx, rscStrRdr, "resources.arsc", apkChan) } // processFile processes the file and sends the extracted data to the provided channel. From eac29fecc2854103c8860a5c1aca82facdd4c960 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Fri, 1 Nov 2024 14:51:05 -0400 Subject: [PATCH 08/15] added keyword-value pairs during dex file scanning --- pkg/handlers/apk.go | 145 ++- pkg/handlers/apk_keywords.go | 1672 ++++++++++++++++++++++++++++++++++ 2 files changed, 1778 insertions(+), 39 deletions(-) create mode 100644 pkg/handlers/apk_keywords.go diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index f016d033ba6f..23f626c00d8a 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -27,15 +27,25 @@ import ( // ToDo: Provide file location information to secret output. var ( - targetInstructionTypes = []string{"const-string", "iput-object"} - // Note: We're only looking at `const-string` and `iput-objects` for now. This might need to be expanded. - // If expanding, update precompiled REGEX below + update the formatInstruction function. + stringInstructionType = "const-string" + targetInstructionTypes = []string{stringInstructionType, "iput-object", "sput-object", "const-class", "invoke-virtual", "invoke-super", "invoke-direct", "invoke-static", "invoke-interface"} + // Note: We're only looking at a subset of instructions. + // If expanding, update precompiled REGEX below. // - const-string: loads a string into a register (value) // - iput-object: stores a string into a field (key) - reFieldPrefix = regexp.MustCompile(`iput-object obj=\d+ field=com/[a-zA-Z0-9/_]+:`) - reTypeSuffix = regexp.MustCompile(`Ljava/lang/String; src=\d+`) - reConstString = regexp.MustCompile(`const-string dst=\d+`) - // Precompiling regexes for performance + // - the rest have to do with function, methods, objects and classes. + reIPutRegex = regexp.MustCompile(`iput-object obj=\d+ field=com/[a-zA-Z0-9/_]+:([a-zA-Z0-9_]+):`) + reSPutRegex = regexp.MustCompile(`sput-object field=com/[a-zA-Z0-9/_]+:([a-zA-Z0-9_]+):`) + reConstRegex = regexp.MustCompile(`const-string(?:/jumbo)? dst=\d+ value='([^']*)'`) + reConstClassRegex = regexp.MustCompile(`const-class dst=\d+ value='[a-zA-Z0-9/_$]+/([a-zA-Z0-9]+)(?:\$|;)`) + reInvokeRegex = regexp.MustCompile(`invoke-(?:virtual|super|direct|static|interface)(?:/range)? method=[a-zA-Z0-9/._$]+/([a-zA-Z0-9_$]+:[a-zA-Z0-9_<]+)`) + reInstructions = []*regexp.Regexp{ + reIPutRegex, + reSPutRegex, + reConstRegex, + reConstClassRegex, + reInvokeRegex, + } ) // apkHandler handles apk archive formats. @@ -77,7 +87,24 @@ func (h *apkHandler) HandleFile(ctx logContext.Context, input fileReader) (chan }() if err = h.processAPK(ctx, input, apkChan); err != nil { - ctx.Logger().Error(err, "error handling apk.") + // If we encounter an error during apk parsing, revert to zip handler. + // This ensures anything named .apk that isn't an Android package is still processed. + ctx.Logger().Error(err, "error processing apk content. reverting to zip handler.") + processingCtx, processingCancel := logContext.WithTimeout(logContext.Background(), maxTimeout) + defer processingCancel() + + // Instantiate a new zip handler to process the apk as a zip archive. + zipHandler := newArchiveHandler() + zipChan, err := zipHandler.HandleFile(processingCtx, input) + if err != nil { + ctx.Logger().Error(err, "error handling zip content.") + // Question: Should we handle errors differently here? instead of just returning + return + } + // Copy the zipChan to the apkChan + for data := range zipChan { + apkChan <- data + } } }() return apkChan, nil @@ -219,16 +246,6 @@ func readFile(file *zip.File) (io.ReadCloser, error) { return rc, nil } -// hasSubstring checks if the string contains any of the provided substrings. -func hasSubstring(s string, substrings []string) bool { - for _, sub := range substrings { - if strings.Contains(s, sub) { - return true - } - } - return false -} - // extractStringsFromResTable extracts the strings from the resources table // Note: This is a hacky way to get the strings from the resources table // APK strings are typically (always?) stored in the 0x7f000000-0x7fffffff range @@ -277,6 +294,8 @@ func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error return nil, err } + defaultKeywords := DefaultDetectorKeywords() + // Get relevant instruction data from the dex file var dexOutput bytes.Buffer ci := dexReader.ClassIter() @@ -285,60 +304,108 @@ func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error if err != nil { break } - processDexClass(ctx, dexReader, node, &dexOutput) + processDexClass(ctx, dexReader, node, defaultKeywords, &dexOutput) } + return &dexOutput, nil } // processDexClass processes a single class node's methods -func processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk.ClassNode, dexOutput *bytes.Buffer) { +func processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk.ClassNode, defaultKeywords map[string]struct{}, dexOutput *bytes.Buffer) { + + var classOutput bytes.Buffer + methodValues := make(map[string]struct{}) + // Process Direct Methods - processDexMethod(ctx, dexReader, node.DirectMethods, dexOutput) + processDexMethod(ctx, dexReader, node.DirectMethods, &classOutput, methodValues) // Process Virtual Methods - processDexMethod(ctx, dexReader, node.VirtualMethods, dexOutput) + processDexMethod(ctx, dexReader, node.VirtualMethods, &classOutput, methodValues) + + // Write the classOutput to the dexOutput + dexOutput.Write(classOutput.Bytes()) + + // Stringify the classOutput value for case-insensitive keyword matching + classOutputLower := strings.ToLower(classOutput.String()) + + // Check if classOutput contains any of the default keywords + foundKeywords := make(map[string]struct{}) + for keyword := range defaultKeywords { + if strings.Contains(classOutputLower, keyword) { + foundKeywords[keyword] = struct{}{} // Directly add to the map + } + } + + // For each found keyword, create a keyword:value pair and append to dexOutput + var keyValuePairs bytes.Buffer + for str := range methodValues { + for keyword := range foundKeywords { + keyValuePairs.Reset() + keyValuePairs.WriteString(keyword + ":" + str + "\n") + dexOutput.Write(keyValuePairs.Bytes()) + } + } } // processDexMethod iterates over a slice of methods, processes each method, // handles errors, and writes the output to dexOutput. -func processDexMethod(ctx logContext.Context, dexReader *dextk.Reader, methods []dextk.MethodNode, dexOutput *bytes.Buffer) { +func processDexMethod(ctx logContext.Context, dexReader *dextk.Reader, methods []dextk.MethodNode, classOutput *bytes.Buffer, methodValues map[string]struct{}) { for _, method := range methods { - out, err := parseDexInstructions(dexReader, method) + s, values, err := parseDexInstructions(dexReader, method) if err != nil { ctx.Logger().V(2).Info("failed to process dex method", "error", err) - continue // Continue processing other methods even if one fails + continue + } + classOutput.Write(s.Bytes()) + for val := range values { + methodValues[val] = struct{}{} } - dexOutput.WriteString(out) } } // parseDexInstructions processes a dex method and returns the string representation of the instruction -func parseDexInstructions(r *dextk.Reader, m dextk.MethodNode) (string, error) { +func parseDexInstructions(r *dextk.Reader, m dextk.MethodNode) (*bytes.Buffer, map[string]struct{}, error) { + var s bytes.Buffer + values := make(map[string]struct{}) + if m.CodeOff == 0 { - return "", nil + return &s, values, nil } c, err := r.ReadCodeAndParse(m.CodeOff) if err != nil { - return "", err + return &s, values, err } - var s strings.Builder + // Iterate over the instructions and extract the relevant values for _, o := range c.Ops { - if hasSubstring(o.String(), targetInstructionTypes) { - s.WriteString(fmt.Sprintf("%s\n", formatInstruction(o.String()))) + oStr := o.String() + // Filter out instructions that are not in our targetInstructionTypes + parsedVal := formatAndFilterInstruction(oStr) + if parsedVal == "" { + continue } + // If instruction is a const-string, then store as in values map + // this is used when creating keyword:value pairs in processDexClass() + if strings.HasPrefix(oStr, stringInstructionType) { + values[parsedVal] = struct{}{} + } + // Write the parsedVal to the buffer + s.WriteString(parsedVal) } - return s.String(), nil + return &s, values, nil } -// formatInstruction removes unnecessary information from the dex instruction +// formatAndFilterInstruction looks for a match to our regex and returns it // Note: This is critical for ensuring secret + keyword are in close proximity. // If we expand the instructions we're looking at, this function will need to be updated. -func formatInstruction(line string) string { - line = reFieldPrefix.ReplaceAllString(line, "") - line = reTypeSuffix.ReplaceAllString(line, "") - line = reConstString.ReplaceAllString(line, "") - return line +func formatAndFilterInstruction(line string) string { + for _, re := range reInstructions { + matches := re.FindStringSubmatch(line) + if len(matches) > 1 { + return matches[1] + } + } + return "" } func decodeXML(rdr io.ReadCloser, resTable *apkparser.ResourceTable) (io.Reader, error) { diff --git a/pkg/handlers/apk_keywords.go b/pkg/handlers/apk_keywords.go new file mode 100644 index 000000000000..6ea6ed264734 --- /dev/null +++ b/pkg/handlers/apk_keywords.go @@ -0,0 +1,1672 @@ +package handlers + +import ( + "strings" + + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abbysale" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abuseipdb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/accuweather" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/adafruitio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/adzuna" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aeroworkflow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/agora" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aha" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airbrakeprojectkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airbrakeuserkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airship" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airtableapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airvisual" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aiven" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alchemy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alegra" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aletheiaapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/algoliaadminkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alibaba" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alienvault" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/allsports" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/amadeus" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ambee" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/amplitudeapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/anthropic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/anypoint" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apacta" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/api2cart" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apideck" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apiflash" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apifonica" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apilayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apimatic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apimetrics" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apitemplate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appcues" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appfollow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appointedd" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appoptics" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appsynergy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apptivo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/artsy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/asanaoauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/asanapersonalaccesstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/assemblyai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atera" + atlassianv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v1" + atlassianv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/audd" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0managementapitoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autodesk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autoklose" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autopilot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/avazapersonalaccesstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aviationstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aws" + awssessionkey "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/awssessionkeys" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/axonaut" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aylien" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ayrshare" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azure" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurebatch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurecontainerregistry" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuredevopspersonalaccesstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchadminkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchquerykey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurestorage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bannerbear" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/baremetrics" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/beamer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/beebole" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/besnappy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/besttime" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/betterstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/billomat" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitbar" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitcoinaverage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitfinex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitlyaccesstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitmex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blazemeter" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blitapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blocknative" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blogger" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bombbomb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/boostnote" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/borgbase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/box" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/boxoauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/braintreepayments" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/brandfetch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/browserstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/browshot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bscscan" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buddyns" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/budibase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bugherd" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bugsnag" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buildkite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buildkitev2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bulbul" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bulksms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buttercms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/caflou" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calendarific" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calendlyapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calorieninja" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/campayn" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cannyio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/capsulecrm" + captainDataV1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/captaindata/v1" + captainDataV2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/captaindata/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/carboninterface" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cashboard" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/caspio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/censys" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/centralstationcrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cexio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chartmogul" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chatbot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chatfule" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checklyhq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checkout" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checkvist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cicero" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/circleci" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clarifai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clearbit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clickhelp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clicksendsms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clickuppersonaltoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cliengo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clinchpad" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clockify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clockworksms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/closecrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudconvert" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudelements" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflareapitoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflarecakey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflareglobalapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudimage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudmersive" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudplan" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudsmith" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloverly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloze" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clustdoc" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coda" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codacy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codeclimate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codemagic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codequiry" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinbase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinbase_waas" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinlayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinlib" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/collect2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/column" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/commercejs" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/commodities" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/companyhub" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/confluent" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/contentfulpersonalaccesstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/conversiontools" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convertapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convertkit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/copper" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/couchbase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/countrylayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/courier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coveralls" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/craftmypdf" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/crowdin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cryptocompare" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencycloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencyfreaks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencylayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencyscoop" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currentsapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/customerguru" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/customerio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/d7network" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dandelion" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dareboost" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/databox" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/databrickstoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/datadogtoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/datagov" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deepai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deepgram" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/delighted" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/demio" + denodeploy "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deno" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deputy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/detectify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/detectlanguage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dfuse" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/diffbot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/diggernaut" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/digitaloceantoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/digitaloceanv2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/discordbottoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/discordwebhook" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/disqus" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ditto" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dnscheck" + dockerhubv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dockerhub/v1" + dockerhubv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dockerhub/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/docparser" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/documo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/docusign" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/doppler" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dotmailer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dovico" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dronahq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/droneci" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dropbox" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/duply" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dwolla" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dynalist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dyspatch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eagleeyenetworks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/easyinsight" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ecostruxureit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/edamam" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/edenai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eightxeight" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elasticemail" + elevenlabsv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elevenlabs/v1" + elevenlabsv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elevenlabs/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/enablex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/endorlabs" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/enigma" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/envoyapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eraser" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/etherscan" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ethplorer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eventbrite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/everhour" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exchangerateapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exchangeratesapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exportsdk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/extractorapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/facebookoauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/faceplusplus" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fastforex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fastlypersonaltoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/feedier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fetchrss" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fibery" + figmapersonalaccesstokenv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/figmapersonalaccesstoken/v1" + figmapersonalaccesstokenv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/figmapersonalaccesstoken/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fileio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/finage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/financialmodelingprep" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/findl" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/finnhub" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fixerio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flatio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fleetbase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flickr" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightlabs" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightstats" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/float" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flowflu" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flutterwave" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fmfw" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formbucket" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formcraft" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formsite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/foursquare" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/frameio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/freshbooks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/freshdesk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/front" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ftp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fulcrum" + fullstoryv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fullstory/v1" + fullstoryv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fullstory/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fxmarket" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gcp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gcpapplicationdefaultcredentials" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geckoboard" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gemini" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gengo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geoapify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocode" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocodify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocodio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geoipifi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getgeoapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getgist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getresponse" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getsandbox" + githubv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github/v1" + githubv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github_oauth2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/githubapp" + gitlabv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitlab/v1" + gitlabv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitlab/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitter" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/glassnode" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gocanvas" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gocardless" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/goodday" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/googleoauth2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/grafana" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/grafanaserviceaccount" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/graphcms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/graphhopper" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/groovehq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/groq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gtmetrix" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/guardianapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gumroad" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gyazo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/happyscribe" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/harvest" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hellosign" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/helpcrunch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/helpscout" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hereapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/heroku" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hiveage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/holidayapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/holistic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/honeycomb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/host" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/html2pdf" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hubspotapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/huggingface" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/humanity" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hunter" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hybiscus" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hypertrack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iconfinder" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iexapis" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iexcloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/imagekit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/imagga" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/impala" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/infura" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/insightly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/instabot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/instamojo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intercom" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/interseller" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intra42" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intrinio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/invoiceocean" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ip2location" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipgeolocation" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipinfodb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipquality" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jdbc" + jiratokenv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jiratoken/v1" + jiratokenv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jiratoken/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jotform" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jumpcloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jupiterone" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/juro" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanban" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanbantool" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/karmacrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/keenio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kickbox" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/klaviyo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/klipfolio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/knapsackpro" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kontent" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kraken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kucoin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kylas" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/languagelayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/larksuite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/larksuiteapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/launchdarkly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ldap" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/leadfeeder" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lemlist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lemonsqueezy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lendflow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lessannoyingcrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lexigram" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linearapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linenotify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linkpreview" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/liveagent" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/livestorm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loadmill" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/locationiq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loggly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loginradius" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/logzio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lokalisetoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loyverse" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lunchmoney" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/luno" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/madkudu" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/magicbell" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/magnetic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailboxlayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailchimp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailerlite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailgun" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailjetbasicauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailjetsms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailmodo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailsac" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mandrill" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mapbox" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mapquest" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/marketstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mattermostpersonaltoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mavenlink" + maxmindlicensev1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/maxmindlicense/v1" + maxmindlicensev2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/maxmindlicense/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meaningcloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mediastack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meistertask" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meraki" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mesibo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/messagebird" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metaapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metabase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metrilo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/microsoftteamswebhook" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mindmeister" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/miro" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mixmax" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mockaroo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moderation" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/monday" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mongodb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/monkeylearn" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moonclerk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moosend" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moralis" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mrticktock" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mux" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/myfreshworks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/myintervals" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nethunt" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/netlify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/netsuite" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/neutrinoapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newrelicpersonalapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newsapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newscatcher" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nexmoapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nftport" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ngc" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ngrok" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nicereply" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nightfall" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nimble" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/noticeable" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/notion" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nozbeteams" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/npmtoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/npmtokenv2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nugetapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/numverify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nutritionix" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nvapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nylas" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/oanda" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/okta" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/omnisend" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onedesk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onelogin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onepagecrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onesignal" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onfleet" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/oopspam" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/opencagedata" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openuv" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openvpn" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openweather" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/opsgenie" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/optimizely" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/overloop" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/owlbot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/packagecloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pagarme" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pagerdutyapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pandadoc" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pandascore" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paperform" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paralleldots" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parsehub" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parsers" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parseur" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/partnerstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pastebin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paydirtapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paymoapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paymongo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paypaloauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paystack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pdflayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pdfshift" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/peopledatalabs" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pepipost" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/percy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pinata" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pipedream" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pipedrive" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pivotaltracker" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pixabay" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planetscale" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planetscaledb" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planviewleankit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planyo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/plivo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/podio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pollsapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/poloniex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/polygon" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/portainer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/portainertoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/positionstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postageapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postbacks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postgres" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/posthog" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postman" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postmark" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/powrbot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prefect" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/privacy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/privatekey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prodpad" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prospectcrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/protocolsio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/proxycrawl" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pubnubpublishkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pubnubsubscriptionkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pulumi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/purestake" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pushbulletapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pusherchannelkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pypi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qualaroo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qubole" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rabbitmq" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/railwayapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ramp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rapidapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rawg" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/razorpay" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/reachmail" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/readme" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/reallysimplesystems" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rebrandly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rechargepayments" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/redis" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/refiner" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rentman" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/repairshopr" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/replicate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/replyio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/requestfinance" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpackhtmltopdfapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpackscreenshotapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/revampcrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ringcentral" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ritekit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/roaring" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/robinhoodcrypto" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rocketreach" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rockset" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/roninapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/route4me" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rownd" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rubygems" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/runrunit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/saladcloudapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesblink" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salescookie" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesflare" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesforce" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesmate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/satismeterprojectkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/satismeterwritekey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/saucelabs" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scalewaykey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scalr" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapeowl" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scraperapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scraperbox" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapestack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapfly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapingant" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapingbee" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/screenshotapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/screenshotlayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrutinizerci" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/securitytrails" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/segmentapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/selectpdf" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/semaphore" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendbird" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendbirdorganizationapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendgrid" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendinbluev2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sentrytoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/serphouse" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/serpstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sheety" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sherpadesk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shipday" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shodankey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shopify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shortcut" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shotstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shutterstock" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shutterstockoauth" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signable" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signalwire" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signaturit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signupgenius" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sigopt" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simfin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simplesat" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simplynoted" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simvoly" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sinchmessage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sirv" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/siteleaf" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/skrappio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/skybiometry" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/slack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/slackwebhook" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smartsheets" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smartystreets" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smooch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snipcart" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snowflake" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snykkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sonarcloud" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sourcegraph" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sourcegraphcody" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/speechtextai" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/splunkobservabilitytoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/spoonacular" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sportsmonk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sqlserver" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/square" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squareapp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squarespace" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squareup" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sslmate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuscake" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuspage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuspal" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stitchdata" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stockdata" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storecove" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stormboard" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stormglass" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storyblok" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storychief" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/strava" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/streak" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stripe" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stripo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stytch" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sugester" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sumologickey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/supabasetoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/supernotesapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveyanyplace" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveybot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveysparrow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/survicate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/swell" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/swiftype" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tailscale" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tallyfy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tatumio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/taxjar" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamgate" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkcrm" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkdesk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkspaces" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/technicalanalysisapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tefter" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/telegrambottoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teletype" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/telnyx" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/terraformcloudpersonaltoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/testingbot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/textmagic" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/theoddsapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/thinkific" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/thousandeyes" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ticketmaster" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tickettailor" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tiingo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/timecamp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/timezoneapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tineswebhook" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tmetric" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/todoist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tokeet" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tomorrowio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tomtom" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tradier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/transferwise" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/travelpayouts" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/travisci" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/trelloapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/trufflehogenterprise" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twelvedata" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twilio" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twist" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitch" + twitterv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitter/v1" + twitterv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitter/v2" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitterconsumerkey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tyntec" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/typeform" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/typetalk" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ubidots" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uclassify" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unifyid" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unplugg" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unsplash" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/upcdatabase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uplead" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uploadcare" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uptimerobot" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/upwave" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uri" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/urlscan" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/userflow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/userstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vagrantcloudpersonaltoken" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vatlayer" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vbout" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vercel" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/verifier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/verimail" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/veriphone" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/versioneye" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/viewneo" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/virustotal" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/visualcrossing" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voiceflow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voicegain" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voodoosms" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vouchery" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vpnapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vultrapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vyte" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/walkscore" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/weatherbit" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/weatherstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/web3storage" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webflow" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webscraper" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webscraping" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/websitepulse" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/whoxy" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wistia" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wiz" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worksnaps" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/workstack" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worldcoinindex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worldweather" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wrike" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yandex" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yelp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/youneedabudget" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yousign" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/youtubeapikey" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zendeskapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenkitapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenrows" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenscrape" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenserp" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zeplin" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zerobounce" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zerotier" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipbooks" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipcodeapi" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipcodebase" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zonkafeedback" + "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zulipchat" +) + +// Note: If pkg/engine/defaults.go lived outside of the engine package, we wouldn't need this file. +// this is due to circular import issues related to importing the engine package here. +func DefaultDetectorKeywords() map[string]struct{} { + detectorList := []detectors.Detector{ + &heroku.Scanner{}, + &pypi.Scanner{}, + &linearapi.Scanner{}, + &alibaba.Scanner{}, + aws.New(), + awssessionkey.New(), + &slack.Scanner{}, // has 4 secret types + &gitlabv1.Scanner{}, + &gitlabv2.Scanner{}, + &sendgrid.Scanner{}, + &mailchimp.Scanner{}, + &okta.Scanner{}, + &onelogin.Scanner{}, + &dropbox.Scanner{}, + &stripe.Scanner{}, + &square.Scanner{}, + &squareapp.Scanner{}, + &pivotaltracker.Scanner{}, + &githubv1.Scanner{}, + &githubv2.Scanner{}, + &twilio.Scanner{}, + &gcp.Scanner{}, + &circleci.Scanner{}, + &uri.Scanner{}, + &razorpay.Scanner{}, + &jdbc.Scanner{}, + &privatekey.Scanner{}, + &maxmindlicensev1.Scanner{}, + &maxmindlicensev2.Scanner{}, + &airtableapikey.Scanner{}, + &bitfinex.Scanner{}, + &telegrambottoken.Scanner{}, + &clarifai.Scanner{}, + &cloudflareapitoken.Scanner{}, + &cloudflarecakey.Scanner{}, + &cloudflareglobalapikey.Scanner{}, + &terraformcloudpersonaltoken.Scanner{}, + &asanapersonalaccesstoken.Scanner{}, + &trelloapikey.Scanner{}, + &mapbox.Scanner{}, + &mailgun.Scanner{}, + &mailjetbasicauth.Scanner{}, + &auth0managementapitoken.Scanner{}, + // &auth0oauth.Scanner{}, + &mailjetsms.Scanner{}, + &digitaloceantoken.Scanner{}, + &paystack.Scanner{}, + &contentfulpersonalaccesstoken.Scanner{}, + &hunter.Scanner{}, + &sendinbluev2.Scanner{}, + &elasticemail.Scanner{}, + &messagebird.Scanner{}, + µsoftteamswebhook.Scanner{}, + &plivo.Scanner{}, + &rapidapi.Scanner{}, + &discordbottoken.Scanner{}, + &netlify.Scanner{}, + &hubspotapikey.Scanner{}, + &travisci.Scanner{}, + &scalewaykey.Scanner{}, + &fastlypersonaltoken.Scanner{}, + &snykkey.Scanner{}, + &postmark.Scanner{}, + &figmapersonalaccesstokenv1.Scanner{}, + &figmapersonalaccesstokenv2.Scanner{}, + &webex.Scanner{}, + &segmentapikey.Scanner{}, + &vultrapikey.Scanner{}, + // &ibmclouduserkey.Scanner{}, + &pepipost.Scanner{}, + &postman.Scanner{}, + &nexmoapikey.Scanner{}, + &newrelicpersonalapikey.Scanner{}, + &pushbulletapikey.Scanner{}, + &paypaloauth.Scanner{}, + &datadogtoken.Scanner{}, + &airbrakeuserkey.Scanner{}, + &sumologickey.Scanner{}, + &pagerdutyapikey.Scanner{}, + &jiratokenv1.Scanner{}, + jiratokenv2.Scanner{}, + &airbrakeprojectkey.Scanner{}, + &calendlyapikey.Scanner{}, + &bitlyaccesstoken.Scanner{}, + &youtubeapikey.Scanner{}, + &coinbase.Scanner{}, + &confluent.Scanner{}, + &zendeskapi.Scanner{}, + &facebookoauth.Scanner{}, + &litudeapikey.Scanner{}, + &pubnubpublishkey.Scanner{}, + &sentrytoken.Scanner{}, + &githubapp.Scanner{}, + &slackwebhook.Scanner{}, + // &spotifykey.Scanner{}, + &discordwebhook.Scanner{}, + // &zapierwebhook.Scanner{}, + &pubnubsubscriptionkey.Scanner{}, + // &plaidkey.Scanner{}, + &calendarific.Scanner{}, + &jumpcloud.Scanner{}, + ¬ion.Scanner{}, + &droneci.Scanner{}, + &ipstack.Scanner{}, + // &adobeio.Scanner{}, + &sslmate.Scanner{}, + &buildkite.Scanner{}, + &shodankey.Scanner{}, + &lokalisetoken.Scanner{}, + &twelvedata.Scanner{}, + &intercom.Scanner{}, + &d7network.Scanner{}, + &buttercms.Scanner{}, + &taxjar.Scanner{}, + &zerobounce.Scanner{}, + &fixerio.Scanner{}, + &verimail.Scanner{}, + &helpscout.Scanner{}, + &beamer.Scanner{}, + &liveagent.Scanner{}, + &pipedrive.Scanner{}, + &cannyio.Scanner{}, + &vercel.Scanner{}, + &posthog.Scanner{}, + &mandrill.Scanner{}, + &mailmodo.Scanner{}, + &flutterwave.Scanner{}, + &algoliaadminkey.Scanner{}, + &mattermostpersonaltoken.Scanner{}, + &splunkobservabilitytoken.Scanner{}, + &simvoly.Scanner{}, + &surveysparrow.Scanner{}, + &survicate.Scanner{}, + &omnisend.Scanner{}, + &getgist.Scanner{}, + &groovehq.Scanner{}, + &newsapi.Scanner{}, + &helpcrunch.Scanner{}, + // &linemessaging.Scanner{}, + &launchdarkly.Scanner{}, + &salesflare.Scanner{}, + &chatbot.Scanner{}, + &nftport.Scanner{}, + &coveralls.Scanner{}, + &rubygems.Scanner{}, + &webflow.Scanner{}, + &graphcms.Scanner{}, + &anypoint.Scanner{}, + &frameio.Scanner{}, + &zonkafeedback.Scanner{}, + &surveybot.Scanner{}, + &mailerlite.Scanner{}, + &qualaroo.Scanner{}, + &simplesat.Scanner{}, + &convertkit.Scanner{}, + &clockworksms.Scanner{}, + &apideck.Scanner{}, + &zeplin.Scanner{}, + &myfreshworks.Scanner{}, + &satismeterwritekey.Scanner{}, + &customerio.Scanner{}, + &clicksendsms.Scanner{}, + &copper.Scanner{}, + &skrappio.Scanner{}, + &delighted.Scanner{}, + &abbysale.Scanner{}, + &feedier.Scanner{}, + &powrbot.Scanner{}, + &magnetic.Scanner{}, + &polygon.Scanner{}, + &smartsheets.Scanner{}, + // &wepay.Scanner{}, + // &artifactory.Scanner{}, + &linenotify.Scanner{}, + &float.Scanner{}, + &monday.Scanner{}, + // &debounce.Scanner{}, + &guardianapi.Scanner{}, + &squarespace.Scanner{}, + &wrike.Scanner{}, + &storyblok.Scanner{}, + &salesblink.Scanner{}, + &campayn.Scanner{}, + &clinchpad.Scanner{}, + &companyhub.Scanner{}, + &dyspatch.Scanner{}, + &harvest.Scanner{}, + &moosend.Scanner{}, + &openweather.Scanner{}, + &siteleaf.Scanner{}, + &flowflu.Scanner{}, + &nimble.Scanner{}, + &lessannoyingcrm.Scanner{}, + &nethunt.Scanner{}, + &apptivo.Scanner{}, + &capsulecrm.Scanner{}, + &insightly.Scanner{}, + &kylas.Scanner{}, + &onepagecrm.Scanner{}, + &reallysimplesystems.Scanner{}, + &timezoneapi.Scanner{}, + &everhour.Scanner{}, + &jotform.Scanner{}, + &workstack.Scanner{}, + &clockify.Scanner{}, + &karmacrm.Scanner{}, + &revampcrm.Scanner{}, + // &apollo.Scanner{}, + &artsy.Scanner{}, + &vpnapi.Scanner{}, + &dnscheck.Scanner{}, + // &toggltrack.Scanner{}, + ðplorer.Scanner{}, + &fulcrum.Scanner{}, + &metrilo.Scanner{}, + &salescookie.Scanner{}, + &geoipifi.Scanner{}, + &yandex.Scanner{}, + &airship.Scanner{}, + &refiner.Scanner{}, + &pandadoc.Scanner{}, + &juro.Scanner{}, + &documo.Scanner{}, + &docusign.Scanner{}, + &roninapp.Scanner{}, + &doppler.Scanner{}, + &codacy.Scanner{}, + &gocardless.Scanner{}, + // The service currently has blocked requests with a "TruffleHog" UserAgent. + // &alconost.Scanner{}, + &rawg.Scanner{}, + &accuweather.Scanner{}, + &tomtom.Scanner{}, + &teamgate.Scanner{}, + &bulbul.Scanner{}, + ¢ralstationcrm.Scanner{}, + &tyntec.Scanner{}, + &axonaut.Scanner{}, + &kraken.Scanner{}, + &easyinsight.Scanner{}, + &closecrm.Scanner{}, + &customerguru.Scanner{}, + &prospectcrm.Scanner{}, + &surveyanyplace.Scanner{}, + &ubidots.Scanner{}, + &elevenlabsv1.Scanner{}, + &elevenlabsv2.Scanner{}, + sinchmessage.Scanner{}, + ayrshare.Scanner{}, + mailboxlayer.Scanner{}, + satismeterprojectkey.Scanner{}, + pusherchannelkey.Scanner{}, + imagekit.Scanner{}, + asanaoauth.Scanner{}, + // getemail.Scanner{}, + rocketreach.Scanner{}, + // raven.Scanner{}, + kontent.Scanner{}, + cloudplan.Scanner{}, + autoklose.Scanner{}, + appcues.Scanner{}, + // getemails.Scanner{}, + leadfeeder.Scanner{}, + uplead.Scanner{}, + audd.Scanner{}, + bitbar.Scanner{}, + // abstract.Scanner{}, + exchangerateapi.Scanner{}, + currencycloud.Scanner{}, + finage.Scanner{}, + adafruitio.Scanner{}, + storychief.Scanner{}, + tradier.Scanner{}, + hellosign.Scanner{}, + dwolla.Scanner{}, + voicegain.Scanner{}, + ambee.Scanner{}, + bannerbear.Scanner{}, + hypertrack.Scanner{}, + holidayapi.Scanner{}, + currencylayer.Scanner{}, + coinlib.Scanner{}, + agora.Scanner{}, + marketstack.Scanner{}, + exchangeratesapi.Scanner{}, + faceplusplus.Scanner{}, + baremetrics.Scanner{}, + getgeoapi.Scanner{}, + alegra.Scanner{}, + tatumio.Scanner{}, + deepgram.Scanner{}, + brandfetch.Scanner{}, + typeform.Scanner{}, + fxmarket.Scanner{}, + ipapi.Scanner{}, + clearbit.Scanner{}, + spoonacular.Scanner{}, + finnhub.Scanner{}, + checkout.Scanner{}, + // mixpanel.Scanner{}, + ipgeolocation.Scanner{}, + tmetric.Scanner{}, + fullstoryv1.Scanner{}, + fullstoryv2.Scanner{}, + noticeable.Scanner{}, + currencyscoop.Scanner{}, + scrapingbee.Scanner{}, + todoist.Scanner{}, + owlbot.Scanner{}, + keenio.Scanner{}, + dovico.Scanner{}, + html2pdf.Scanner{}, + yousign.Scanner{}, + fleetbase.Scanner{}, + cloudmersive.Scanner{}, + imagga.Scanner{}, + visualcrossing.Scanner{}, + bugsnag.Scanner{}, + runrunit.Scanner{}, + assemblyai.Scanner{}, + loyverse.Scanner{}, + swell.Scanner{}, + crowdin.Scanner{}, + nutritionix.Scanner{}, + mapquest.Scanner{}, + clickuppersonaltoken.Scanner{}, + tiingo.Scanner{}, + billomat.Scanner{}, + blogger.Scanner{}, + front.Scanner{}, + apify.Scanner{}, + dynalist.Scanner{}, + mavenlink.Scanner{}, + sportsmonk.Scanner{}, + bitcoinaverage.Scanner{}, + zipcodeapi.Scanner{}, + gyazo.Scanner{}, + // sparkpost.Scanner{}, + locationiq.Scanner{}, + saucelabs.Scanner{}, + enigma.Scanner{}, + clickhelp.Scanner{}, + adzuna.Scanner{}, + vouchery.Scanner{}, + currentsapi.Scanner{}, + flickr.Scanner{}, + apiflash.Scanner{}, + geocodio.Scanner{}, + datagov.Scanner{}, + tomorrowio.Scanner{}, + lexigram.Scanner{}, + securitytrails.Scanner{}, + foursquare.Scanner{}, + browshot.Scanner{}, + edamam.Scanner{}, + alienvault.Scanner{}, + protocolsio.Scanner{}, + coinlayer.Scanner{}, + commercejs.Scanner{}, + detectlanguage.Scanner{}, + worldcoinindex.Scanner{}, + airvisual.Scanner{}, + sheety.Scanner{}, + financialmodelingprep.Scanner{}, + stormglass.Scanner{}, + oopspam.Scanner{}, + unsplash.Scanner{}, + allsports.Scanner{}, + amadeus.Scanner{}, + ringcentral.Scanner{}, + pixabay.Scanner{}, + youneedabudget.Scanner{}, + languagelayer.Scanner{}, + gengo.Scanner{}, + aylien.Scanner{}, + shutterstock.Scanner{}, + hereapi.Scanner{}, + readme.Scanner{}, + pastebin.Scanner{}, + vatlayer.Scanner{}, + verifier.Scanner{}, + graphhopper.Scanner{}, + scraperapi.Scanner{}, + ritekit.Scanner{}, + linkpreview.Scanner{}, + dotmailer.Scanner{}, + api2cart.Scanner{}, + virustotal.Scanner{}, + numverify.Scanner{}, + pdflayer.Scanner{}, + geocode.Scanner{}, + iconfinder.Scanner{}, + // m3o.Scanner{}, + mesibo.Scanner{}, + impala.Scanner{}, + besttime.Scanner{}, + currencyfreaks.Scanner{}, + humanity.Scanner{}, + loginradius.Scanner{}, + stockdata.Scanner{}, + flatio.Scanner{}, + openuv.Scanner{}, + snipcart.Scanner{}, + screenshotapi.Scanner{}, + cryptocompare.Scanner{}, + happyscribe.Scanner{}, + geocodify.Scanner{}, + bombbomb.Scanner{}, + serpstack.Scanner{}, + zenserp.Scanner{}, + restpackscreenshotapi.Scanner{}, + shortcut.Scanner{}, + // nasdaqdatalink.Scanner{}, + neutrinoapi.Scanner{}, + bitmex.Scanner{}, + deepai.Scanner{}, + host.Scanner{}, + pdfshift.Scanner{}, + fetchrss.Scanner{}, + proxycrawl.Scanner{}, + storecove.Scanner{}, + fileio.Scanner{}, + coinapi.Scanner{}, + stytch.Scanner{}, + signupgenius.Scanner{}, + streak.Scanner{}, + route4me.Scanner{}, + openai.Scanner{}, + opencagedata.Scanner{}, + positionstack.Scanner{}, + upcdatabase.Scanner{}, + commodities.Scanner{}, + glassnode.Scanner{}, + optimizely.Scanner{}, + censys.Scanner{}, + scraperbox.Scanner{}, + ticketmaster.Scanner{}, + iexcloud.Scanner{}, + partnerstack.Scanner{}, + qubole.Scanner{}, + poloniex.Scanner{}, + shipday.Scanner{}, + stitchdata.Scanner{}, + hiveage.Scanner{}, + technicalanalysisapi.Scanner{}, + smartystreets.Scanner{}, + shutterstockoauth.Scanner{}, + newscatcher.Scanner{}, + postageapp.Scanner{}, + unplugg.Scanner{}, + paymongo.Scanner{}, + flightapi.Scanner{}, + countrylayer.Scanner{}, + veriphone.Scanner{}, + ipinfodb.Scanner{}, + mediastack.Scanner{}, + screenshotlayer.Scanner{}, + userstack.Scanner{}, + edenai.Scanner{}, + urlscan.Scanner{}, + zenscrape.Scanner{}, + // dailyco.Scanner{}, + nicereply.Scanner{}, + // hive.Scanner{}, + clustdoc.Scanner{}, + scrapingant.Scanner{}, + kickbox.Scanner{}, + scrapeowl.Scanner{}, + rebrandly.Scanner{}, + dandelion.Scanner{}, + purestake.Scanner{}, + carboninterface.Scanner{}, + signaturit.Scanner{}, + blitapp.Scanner{}, + restpackhtmltopdfapi.Scanner{}, + webscraping.Scanner{}, + geoapify.Scanner{}, + dfuse.Scanner{}, + gitter.Scanner{}, + autopilot.Scanner{}, + aletheiaapi.Scanner{}, + intrinio.Scanner{}, + aviationstack.Scanner{}, + scrapestack.Scanner{}, + restpack.Scanner{}, + cloverly.Scanner{}, + thinkific.Scanner{}, + meaningcloud.Scanner{}, + skybiometry.Scanner{}, + appfollow.Scanner{}, + abuseipdb.Scanner{}, + squareup.Scanner{}, + zipbooks.Scanner{}, + roaring.Scanner{}, + signalwire.Scanner{}, + weatherbit.Scanner{}, + textmagic.Scanner{}, + telnyx.Scanner{}, + calorieninja.Scanner{}, + vyte.Scanner{}, + walkscore.Scanner{}, + planyo.Scanner{}, + zipapi.Scanner{}, + mailsac.Scanner{}, + unifyid.Scanner{}, + worldweather.Scanner{}, + strava.Scanner{}, + autodesk.Scanner{}, + serphouse.Scanner{}, + paralleldots.Scanner{}, + semaphore.Scanner{}, + nylas.Scanner{}, + weatherstack.Scanner{}, + ipquality.Scanner{}, + blazemeter.Scanner{}, + cicero.Scanner{}, + onedesk.Scanner{}, + bugherd.Scanner{}, + whoxy.Scanner{}, + smooch.Scanner{}, + apifonica.Scanner{}, + goodday.Scanner{}, + getsandbox.Scanner{}, + freshdesk.Scanner{}, + teamworkdesk.Scanner{}, + tallyfy.Scanner{}, + apimatic.Scanner{}, + boostnote.Scanner{}, + freshbooks.Scanner{}, + cashboard.Scanner{}, + thousandeyes.Scanner{}, + zenkitapi.Scanner{}, + sherpadesk.Scanner{}, + shotstack.Scanner{}, + luno.Scanner{}, + apacta.Scanner{}, + fmfw.Scanner{}, + courier.Scanner{}, + checkvist.Scanner{}, + invoiceocean.Scanner{}, + travelpayouts.Scanner{}, + mixmax.Scanner{}, + cloze.Scanner{}, + supernotesapi.Scanner{}, + fastforex.Scanner{}, + sirv.Scanner{}, + teamworkcrm.Scanner{}, + geckoboard.Scanner{}, + appsynergy.Scanner{}, + findl.Scanner{}, + simplynoted.Scanner{}, + pandascore.Scanner{}, + gocanvas.Scanner{}, + formio.Scanner{}, + livestorm.Scanner{}, + // manifest.Scanner{}, + formbucket.Scanner{}, + dronahq.Scanner{}, + webscraper.Scanner{}, + versioneye.Scanner{}, + rownd.Scanner{}, + diffbot.Scanner{}, + nozbeteams.Scanner{}, + pipedream.Scanner{}, + paymoapp.Scanner{}, + peopledatalabs.Scanner{}, + mite.Scanner{}, + mindmeister.Scanner{}, + deputy.Scanner{}, + eagleeyenetworks.Scanner{}, + sigopt.Scanner{}, + lendflow.Scanner{}, + meistertask.Scanner{}, + mrticktock.Scanner{}, + beebole.Scanner{}, + theoddsapi.Scanner{}, + oanda.Scanner{}, + scrapfly.Scanner{}, + kanban.Scanner{}, + upwave.Scanner{}, + ditto.Scanner{}, + buddyns.Scanner{}, + checio.Scanner{}, + kucoin.Scanner{}, + eightxeight.Scanner{}, + avazapersonalaccesstoken.Scanner{}, + selectpdf.Scanner{}, + madkudu.Scanner{}, + borgbase.Scanner{}, + cliengo.Scanner{}, + swiftype.Scanner{}, + viewneo.Scanner{}, + planviewleankit.Scanner{}, + cloudimage.Scanner{}, + worksnaps.Scanner{}, + caspio.Scanner{}, + caflou.Scanner{}, + enablex.Scanner{}, + checklyhq.Scanner{}, + teamworkspaces.Scanner{}, + cloudelements.Scanner{}, + uploadcare.Scanner{}, + moderation.Scanner{}, + myintervals.Scanner{}, + klipfolio.Scanner{}, + flightstats.Scanner{}, + sendbird.Scanner{}, + cexio.Scanner{}, + repairshopr.Scanner{}, + metaapi.Scanner{}, + aeroworkflow.Scanner{}, + column.Scanner{}, + sugester.Scanner{}, + sendbirdorganizationapi.Scanner{}, + chatfule.Scanner{}, + convier.Scanner{}, + loadmill.Scanner{}, + magicbell.Scanner{}, + apitemplate.Scanner{}, + knapsackpro.Scanner{}, + twitterv1.Scanner{}, + twitterv2.Scanner{}, + timecamp.Scanner{}, + signable.Scanner{}, + teletype.Scanner{}, + wistia.Scanner{}, + hybiscus.Scanner{}, + miro.Scanner{}, + moonclerk.Scanner{}, + codequiry.Scanner{}, + qase.Scanner{}, + extractorapi.Scanner{}, + craftmypdf.Scanner{}, + // generic.Scanner{}, + userflow.Scanner{}, + mockaroo.Scanner{}, + statuspage.Scanner{}, + statuspal.Scanner{}, + testingbot.Scanner{}, + conversiontools.Scanner{}, + parsers.Scanner{}, + scrutinizerci.Scanner{}, + sonarcloud.Scanner{}, + dareboost.Scanner{}, + pinata.Scanner{}, + exportsdk.Scanner{}, + rechargepayments.Scanner{}, + browserstack.Scanner{}, + lunchmoney.Scanner{}, + atera.Scanner{}, + parsehub.Scanner{}, + voodoosms.Scanner{}, + yelp.Scanner{}, + podio.Scanner{}, + rockset.Scanner{}, + aha.Scanner{}, + packagecloud.Scanner{}, + cloudsmith.Scanner{}, + nightfall.Scanner{}, + mux.Scanner{}, + statuscake.Scanner{}, + formcraft.Scanner{}, + paperform.Scanner{}, + zulipchat.Scanner{}, + iexapis.Scanner{}, + detectify.Scanner{}, + reachmail.Scanner{}, + gumroad.Scanner{}, + typetalk.Scanner{}, + chartmogul.Scanner{}, + fibery.Scanner{}, + uptimerobot.Scanner{}, + paydirtapp.Scanner{}, + disqus.Scanner{}, + bulksms.Scanner{}, + onesignal.Scanner{}, + stormboard.Scanner{}, + interseller.Scanner{}, + tickettailor.Scanner{}, + twitch.Scanner{}, + rentman.Scanner{}, + tefter.Scanner{}, + pollsapi.Scanner{}, + diggernaut.Scanner{}, + zenrows.Scanner{}, + instabot.Scanner{}, + simfin.Scanner{}, + vbout.Scanner{}, + besnappy.Scanner{}, + convertapi.Scanner{}, + cloudconvert.Scanner{}, + zipcodebase.Scanner{}, + speechtextai.Scanner{}, + databox.Scanner{}, + postbacks.Scanner{}, + postgres.Scanner{}, + collect2.Scanner{}, + uclassify.Scanner{}, + holistic.Scanner{}, + tokeet.Scanner{}, + duply.Scanner{}, + gtmetrix.Scanner{}, + braintreepayments.Scanner{}, + docparser.Scanner{}, + formsite.Scanner{}, + flightlabs.Scanner{}, + getresponse.Scanner{}, + codeclimate.Scanner{}, + apilayer.Scanner{}, + monkeylearn.Scanner{}, + parseur.Scanner{}, + honeycomb.Scanner{}, + demio.Scanner{}, + kanbantool.Scanner{}, + salesmate.Scanner{}, + lemlist.Scanner{}, + websitepulse.Scanner{}, + scalr.Scanner{}, + ecostruxureit.Scanner{}, + appointedd.Scanner{}, + twist.Scanner{}, + prodpad.Scanner{}, + transferwise.Scanner{}, + codemagic.Scanner{}, + mongodb.Scanner{}, + ngc.Scanner{}, + gemini.Scanner{}, + digitaloceanv2.Scanner{}, + npmtoken.Scanner{}, + npmtokenv2.Scanner{}, + sqlserver.Scanner{}, + redis.Scanner{}, + ftp.Scanner{}, + ldap.Scanner{}, + shopify.Scanner{}, + etherscan.Scanner{}, + infura.Scanner{}, + alchemy.Scanner{}, + blocknative.Scanner{}, + moralis.Scanner{}, + bscscan.Scanner{}, + percy.Scanner{}, + tineswebhook.Scanner{}, + pulumi.Scanner{}, + databrickstoken.Scanner{}, + supabasetoken.Scanner{}, + nugetapikey.Scanner{}, + aiven.Scanner{}, + prefect.Scanner{}, + buildkitev2.Scanner{}, + opsgenie.Scanner{}, + dockerhubv1.Scanner{}, + couchbase.Scanner{}, + envoyapikey.Scanner{}, + github_oauth2.Scanner{}, + snowflake.Scanner{}, + huggingface.Scanner{}, + trufflehogenterprise.Scanner{}, + salesforce.Scanner{}, + sourcegraph.Scanner{}, + tailscale.Scanner{}, + loggly.Scanner{}, + web3storage.Scanner{}, + &ramp.Scanner{}, + &anthropic.Scanner{}, + &sourcegraphcody.Scanner{}, + voiceflow.Scanner{}, + ip2location.Scanner{}, + grafanaserviceaccount.Scanner{}, + vagrantcloudpersonaltoken.Scanner{}, + openvpn.Scanner{}, + &metabase.Scanner{}, + appoptics.Scanner{}, + zerotier.Scanner{}, + betterstack.Scanner{}, + coinbase_waas.Scanner{}, + replyio.Scanner{}, + stripo.Scanner{}, + lemonsqueezy.Scanner{}, + denodeploy.Scanner{}, + budibase.Scanner{}, + requestfinance.Scanner{}, + coda.Scanner{}, + grafana.Scanner{}, + logzio.Scanner{}, + eventbrite.Scanner{}, + &overloop.Scanner{}, + ngrok.Scanner{}, + replicate.Scanner{}, + privacy.Scanner{}, + instamojo.Scanner{}, + klaviyo.Scanner{}, + portainer.Scanner{}, + rabbitmq.Scanner{}, + planetscale.Scanner{}, + portainertoken.Scanner{}, + pagarme.Scanner{}, + planetscaledb.Scanner{}, + azure.Scanner{}, + azurestorage.Scanner{}, + azurecontainerregistry.Scanner{}, + azurebatch.Scanner{}, + // azurefunctionkey.Scanner{}, // detector is throwing some FPs + azuredevopspersonalaccesstoken.Scanner{}, + azuresearchadminkey.Scanner{}, + azuresearchquerykey.Scanner{}, + googleoauth2.Scanner{}, + dockerhubv2.Scanner{}, + &jupiterone.Scanner{}, + gcpapplicationdefaultcredentials.Scanner{}, + wiz.Scanner{}, + onfleet.Scanner{}, + intra42.Scanner{}, + groq.Scanner{}, + twitterconsumerkey.Scanner{}, + eraser.Scanner{}, + larksuite.Scanner{}, + larksuiteapikey.Scanner{}, + endorlabs.Scanner{}, + atlassianv1.Scanner{}, + atlassianv2.Scanner{}, + netsuite.Scanner{}, + box.Scanner{}, + robinhoodcrypto.Scanner{}, + nvapi.Scanner{}, + railwayapp.Scanner{}, + meraki.Scanner{}, + saladcloudapikey.Scanner{}, + boxoauth.Scanner{}, + apimetrics.Scanner{}, + captainDataV1.Scanner{}, + captainDataV2.Scanner{}, + } + + // Remove keywords that cause lots of false positives + exclusions := []string{ + "AKIA", "SG.", "pat", "token", "gh", "github", "sql", "database", "http", "key", "api-", "sdk-", "float", "-us", "gh", "pat", "token", "sid", "http", "private", "key", "segment", "close", "protocols", "verifier", "box", "privacy", "dm", "sl.", "vf", "flat", + } + + // Create a map of keywords + keywords := map[string]struct{}{} + + // Get all Keywords() from each detector + for _, detector := range detectorList { + for _, keyword := range detector.Keywords() { + keywords[strings.ToLower(keyword)] = struct{}{} + } + } + + // Remove exclusions from the default keyword list + for _, exclusion := range exclusions { + delete(keywords, strings.ToLower(exclusion)) + } + return keywords +} From d2aac61bb518e3a4a5d36446efe75e7fae2974aa Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Fri, 1 Nov 2024 15:06:04 -0400 Subject: [PATCH 09/15] fixed test --- pkg/handlers/apk_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/handlers/apk_test.go b/pkg/handlers/apk_test.go index a53cbf3b77d2..0790d451118c 100644 --- a/pkg/handlers/apk_test.go +++ b/pkg/handlers/apk_test.go @@ -23,7 +23,7 @@ func TestAPKHandler(t *testing.T) { }{ "apk_with_3_leaked_keys": { "https://github.com/joeleonjr/leakyAPK/raw/refs/heads/main/aws_leak.apk", - 499, + 942, // Note: the secret count is 4 instead of 3 b/c we're not actually running the secret detection engine, // we're just looking for a string match. There is one extra string match in the APK (but only 3 detected secrets). 4, From 009120240adddee0f55a07713338cd78e8a12a65 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Thu, 14 Nov 2024 11:45:31 -0500 Subject: [PATCH 10/15] performance updates --- pkg/handlers/apk.go | 79 ++++++++++++------------------------ pkg/handlers/handlers.go | 86 ++++++++++++++++++++++++++++++++-------- 2 files changed, 95 insertions(+), 70 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 23f626c00d8a..50a113687528 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "io" + "path/filepath" "regexp" "strings" "time" @@ -15,6 +16,7 @@ import ( "github.com/avast/apkparser" logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" + "github.com/trufflesecurity/trufflehog/v3/pkg/iobuf" ) // General Note: There are tools that can fully decompile an apk (e.g. jadx, apktool, etc.) @@ -87,24 +89,7 @@ func (h *apkHandler) HandleFile(ctx logContext.Context, input fileReader) (chan }() if err = h.processAPK(ctx, input, apkChan); err != nil { - // If we encounter an error during apk parsing, revert to zip handler. - // This ensures anything named .apk that isn't an Android package is still processed. - ctx.Logger().Error(err, "error processing apk content. reverting to zip handler.") - processingCtx, processingCancel := logContext.WithTimeout(logContext.Background(), maxTimeout) - defer processingCancel() - - // Instantiate a new zip handler to process the apk as a zip archive. - zipHandler := newArchiveHandler() - zipChan, err := zipHandler.HandleFile(processingCtx, input) - if err != nil { - ctx.Logger().Error(err, "error handling zip content.") - // Question: Should we handle errors differently here? instead of just returning - return - } - // Copy the zipChan to the apkChan - for data := range zipChan { - apkChan <- data - } + ctx.Logger().Error(err, "error processing apk content") } }() return apkChan, nil @@ -158,30 +143,30 @@ func (h *apkHandler) processFile(ctx logContext.Context, file *zip.File, resTabl return nil } - // Read the file data - rdr, err := readFile(file) + // Open the file from the zip archive + rdr, err := openFile(file) if err != nil { return fmt.Errorf("failed to read file %s: %w", file.Name, err) } defer rdr.Close() + var contentReader io.Reader // Decode the file based on its extension - switch { - case strings.HasSuffix(file.Name, ".xml"): - xmlRdr, err := decodeXML(rdr, resTable) + switch strings.ToLower(filepath.Ext(file.Name)) { + case ".xml": + contentReader, err = decodeXML(rdr, resTable) if err != nil { return fmt.Errorf("failed to decode xml file %s: %w", file.Name, err) } - return h.handleAPKFileContent(ctx, xmlRdr, file.Name, apkChan) - case strings.HasSuffix(file.Name, ".dex"): - dexRdr, err := processDexFile(ctx, rdr) + case ".dex": + contentReader, err = processDexFile(ctx, rdr) if err != nil { return fmt.Errorf("failed to decode dex file %s: %w", file.Name, err) } - return h.handleAPKFileContent(ctx, dexRdr, file.Name, apkChan) default: - return h.handleAPKFileContent(ctx, rdr, file.Name, apkChan) + contentReader = rdr } + return h.handleAPKFileContent(ctx, contentReader, file.Name, apkChan) } // handleAPKFileContent sends the extracted data to the provided channel via the handleNonArchiveContent function. @@ -199,16 +184,10 @@ func (h *apkHandler) handleAPKFileContent(ctx logContext.Context, rdr io.Reader, // createZipReader creates a new ZIP reader from the input fileReader. func createZipReader(input fileReader) (*zip.Reader, error) { - size, err := input.Seek(0, io.SeekEnd) + size, err := input.Size() if err != nil { return nil, err } - // Reset the reader position to the start - _, err = input.Seek(0, io.SeekStart) - if err != nil { - return nil, err - } - // Create a new ZIP reader for the data zipReader, err := zip.NewReader(input, size) if err != nil { return nil, err @@ -220,13 +199,13 @@ func createZipReader(input fileReader) (*zip.Reader, error) { func parseResTable(zipReader *zip.Reader) (*apkparser.ResourceTable, error) { for _, file := range zipReader.File { if file.Name == "resources.arsc" { - rdr, err := readFile(file) + rdr, err := openFile(file) if err != nil { return nil, err } - defer rdr.Close() resTable, err := apkparser.ParseResourceTable(rdr) + rdr.Close() if err != nil { return nil, err } @@ -236,9 +215,9 @@ func parseResTable(zipReader *zip.Reader) (*apkparser.ResourceTable, error) { return nil, errors.New("resources.arsc file not found in the APK archive") } -// readFile reads the file from the zip archive and returns the data as an io.ReadCloser +// openFile opens the file from the zip archive and returns the data as an io.ReadCloser // Note: responsibility of calling function to close the reader -func readFile(file *zip.File) (io.ReadCloser, error) { +func openFile(file *zip.File) (io.ReadCloser, error) { rc, err := file.Open() if err != nil { return nil, err @@ -265,10 +244,10 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, e return nil, err } // Write directly to the buffer - _, err = resourceStrings.WriteString(fmt.Sprintf("%s: %s\n", entry.Key, val)) - if err != nil { - return nil, err - } + resourceStrings.WriteString(entry.Key) + resourceStrings.WriteString(": ") + resourceStrings.WriteString(val) + resourceStrings.WriteString("\n") } // Exit the loop if we've finished processing the strings if inStrings && entry.ResourceType != "string" { @@ -280,16 +259,8 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, e // processDexFile decodes the dex file and returns the relevant instructions func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { - // dextk.Read() requires an io.ReaderAt interface, - // so we first convert the reader to a byte slice - data, err := io.ReadAll(rdr) - if err != nil { - return nil, err - } - bytesRdr := bytes.NewReader(data) - - // Read the dex file - dexReader, err := dextk.Read(bytesRdr) + // dextk.Read() requires an io.ReaderAt interface + dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr)) if err != nil { return nil, err } @@ -417,7 +388,7 @@ func decodeXML(rdr io.ReadCloser, resTable *apkparser.ResourceTable) (io.Reader, err := apkparser.ParseXml(rdr, enc, resTable) if err != nil { // If the error is due to plaintext XML, return the plaintext XML stringified - if err.Error() == "xml is in plaintext, binary form expected" { + if errors.Is(err, apkparser.ErrPlainTextManifest) { xmlData, readErr := io.ReadAll(rdr) if readErr != nil { return nil, readErr diff --git a/pkg/handlers/handlers.go b/pkg/handlers/handlers.go index 1f96b1f2033a..96fb0a25f7c6 100644 --- a/pkg/handlers/handlers.go +++ b/pkg/handlers/handlers.go @@ -1,6 +1,7 @@ package handlers import ( + "archive/zip" "bufio" "errors" "fmt" @@ -40,6 +41,14 @@ type fileReader struct { *iobuf.BufferedReadSeeker } +type readerConfig struct{ fileExtension string } + +type readerOption func(*readerConfig) + +func withFileExtension(ext string) readerOption { + return func(c *readerConfig) { c.fileExtension = ext } +} + var ErrEmptyReader = errors.New("reader is empty") // mimeTypeReader wraps an io.Reader with MIME type information. @@ -82,8 +91,15 @@ func newMimeTypeReader(r io.Reader) (mimeTypeReader, error) { } // newFileReader creates a fileReader from an io.Reader, optionally using BufferedFileWriter for certain formats. -func newFileReader(r io.Reader) (fileReader, error) { - var fReader fileReader +func newFileReader(r io.Reader, options ...readerOption) (fileReader, error) { + var ( + fReader fileReader + cfg readerConfig + ) + + for _, opt := range options { + opt(&cfg) + } fReader.BufferedReadSeeker = iobuf.NewBufferedReaderSeeker(r) @@ -98,6 +114,26 @@ func newFileReader(r io.Reader) (fileReader, error) { return fReader, fmt.Errorf("error resetting reader after MIME detection: %w", err) } + // Check for APK files + // Note: We can't extend the mimetype package with an APK detection function b/c it would require adjusting settings + // so that all files are fully read into a byte slice for detection (mimetype.SetLimit(0)), which would bloat memory. + // Instead we call the isAPKFile function in here after ensuring it's a zip/jar file and has an .apk extension. + if cfg.fileExtension == apkExt && (fReader.mime.String() == string(zipMime) || fReader.mime.String() == string(jarMime)) { + isAPK, err := isAPKFile(&fReader) + if err != nil { + return fReader, fmt.Errorf("error checking for APK: %w", err) + } + if isAPK { + // Add apk file extension to mimetype package so we can assign in next line + mimetype.Lookup("application/zip").Extend(func(r []byte, l uint32) bool { return false }, string(apkMime), ".apk") + fReader.mime = mimetype.Lookup(string(apkMime)) + if _, err := fReader.Seek(0, io.SeekStart); err != nil { + return fReader, fmt.Errorf("error resetting reader after APK detection: %w", err) + } + return fReader, nil + } + } + // If a MIME type is known to not be an archive type, we might as well return here rather than // paying the I/O penalty of an archiver.Identify() call that won't identify anything. if _, ok := skipArchiverMimeTypes[mimeType(mime.String())]; ok { @@ -161,6 +197,7 @@ const ( rpmHandlerType handlerType = "rpm" apkHandlerType handlerType = "apk" defaultHandlerType handlerType = "default" + apkExt = ".apk" ) type mimeType string @@ -196,6 +233,8 @@ const ( tclTextMime mimeType = "text/x-tcl" tclMime mimeType = "application/x-tcl" apkMime mimeType = "application/vnd.android.package-archive" + zipMime mimeType = "application/zip" + jarMime mimeType = "application/java-archive" ) // skipArchiverMimeTypes is a set of MIME types that should bypass archiver library processing because they are either @@ -283,7 +322,8 @@ func HandleFile( return fmt.Errorf("reader is nil") } - rdr, err := newFileReader(reader) + readerOption := withFileExtension(getFileExtension(chunkSkel)) + rdr, err := newFileReader(reader, readerOption) if err != nil { if errors.Is(err, ErrEmptyReader) { ctx.Logger().V(5).Info("empty reader, skipping file") @@ -311,19 +351,6 @@ func HandleFile( return nil } - // If the file is an 'application/jar' or "application/zip" file, check filename for the .apk extension. - // This logic can't live inside the newReader() function b/c we don't have access to the filename. - // If we want to detect based on file contents instead, we need to read the file directory and look for - // the AndroidManifest.xml and resources.arsc files. - if mimeT == "application/jar" || mimeT == "application/zip" { - ext := getFileExtension(chunkSkel) - if ext == ".apk" { - ctx.Logger().V(3).Info("APK file detected by extension", "extension", ext) - mimeT = apkMime - ctx = logContext.WithValues(ctx, "mime", mimeT) - } - } - processingCtx, cancel := logContext.WithTimeout(ctx, maxTimeout) defer cancel() @@ -445,3 +472,30 @@ func getFileExtension(chunkSkel *sources.Chunk) string { ext := filepath.Ext(fileName) return ext } + +func isAPKFile(r *fileReader) (bool, error) { + size, _ := r.Size() + zipReader, err := zip.NewReader(r, size) + if err != nil { + return false, fmt.Errorf("error creating zip reader: %w", err) + } + + hasManifest := false + hasClasses := false + + for _, file := range zipReader.File { + switch file.Name { + case "AndroidManifest.xml": + hasManifest = true + case "classes.dex": + hasClasses = true + default: + // Skip other files. + } + if hasManifest && hasClasses { + return true, nil + } + } + + return false, nil +} From 224dab148ce7aabf53b7d1367d28efc60c787d3c Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Thu, 14 Nov 2024 13:02:03 -0500 Subject: [PATCH 11/15] fixing decodeXML memory issue --- pkg/handlers/apk.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 50a113687528..bc94a984bfe8 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -380,20 +380,22 @@ func formatAndFilterInstruction(line string) string { } func decodeXML(rdr io.ReadCloser, resTable *apkparser.ResourceTable) (io.Reader, error) { + //Convert rdr to BufferedReadSeeker to support rewinding + bufRdr := iobuf.NewBufferedReaderSeeker(rdr) + // Create a buffer to store the formatted XML data var buf bytes.Buffer enc := xml.NewEncoder(&buf) // Parse the XML data using the apkparser library + resource table - err := apkparser.ParseXml(rdr, enc, resTable) + err := apkparser.ParseXml(bufRdr, enc, resTable) if err != nil { - // If the error is due to plaintext XML, return the plaintext XML stringified + // If the error is due to plaintext XML, return the plaintext XML if errors.Is(err, apkparser.ErrPlainTextManifest) { - xmlData, readErr := io.ReadAll(rdr) - if readErr != nil { - return nil, readErr + if _, err := bufRdr.Seek(0, io.SeekStart); err != nil { + return bufRdr, fmt.Errorf("error resetting reader after XML parsing error: %w", err) } - return bytes.NewReader(xmlData), nil + return bufRdr, nil } return nil, err } From b2497d4882eeab3efefe2990e2b45f0bd589a793 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Thu, 14 Nov 2024 13:44:32 -0500 Subject: [PATCH 12/15] added feature flag --- main.go | 3 +++ pkg/feature/feature.go | 1 + pkg/handlers/handlers.go | 37 ++++++++++++++++++++++++++----------- 3 files changed, 30 insertions(+), 11 deletions(-) diff --git a/main.go b/main.go index 008f60b72fde..81ac1bc8715f 100644 --- a/main.go +++ b/main.go @@ -409,6 +409,9 @@ func run(state overseer.State) { feature.UserAgentSuffix.Store(*userAgentSuffix) } + // OSS Default APK handling on + feature.EnableAPKHandler.Store(true) + conf := &config.Config{} if *configFilename != "" { var err error diff --git a/pkg/feature/feature.go b/pkg/feature/feature.go index 3d1f3321e1cb..db8036f5d386 100644 --- a/pkg/feature/feature.go +++ b/pkg/feature/feature.go @@ -6,6 +6,7 @@ var ( ForceSkipBinaries atomic.Bool ForceSkipArchives atomic.Bool SkipAdditionalRefs atomic.Bool + EnableAPKHandler atomic.Bool UserAgentSuffix AtomicString ) diff --git a/pkg/handlers/handlers.go b/pkg/handlers/handlers.go index 96fb0a25f7c6..3f49cf62538a 100644 --- a/pkg/handlers/handlers.go +++ b/pkg/handlers/handlers.go @@ -13,6 +13,7 @@ import ( "github.com/mholt/archiver/v4" logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" + "github.com/trufflesecurity/trufflehog/v3/pkg/feature" "github.com/trufflesecurity/trufflehog/v3/pkg/iobuf" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/sources" @@ -115,22 +116,13 @@ func newFileReader(r io.Reader, options ...readerOption) (fileReader, error) { } // Check for APK files - // Note: We can't extend the mimetype package with an APK detection function b/c it would require adjusting settings - // so that all files are fully read into a byte slice for detection (mimetype.SetLimit(0)), which would bloat memory. - // Instead we call the isAPKFile function in here after ensuring it's a zip/jar file and has an .apk extension. - if cfg.fileExtension == apkExt && (fReader.mime.String() == string(zipMime) || fReader.mime.String() == string(jarMime)) { + if shouldHandleAsAPK(cfg, fReader) { isAPK, err := isAPKFile(&fReader) if err != nil { return fReader, fmt.Errorf("error checking for APK: %w", err) } if isAPK { - // Add apk file extension to mimetype package so we can assign in next line - mimetype.Lookup("application/zip").Extend(func(r []byte, l uint32) bool { return false }, string(apkMime), ".apk") - fReader.mime = mimetype.Lookup(string(apkMime)) - if _, err := fReader.Seek(0, io.SeekStart); err != nil { - return fReader, fmt.Errorf("error resetting reader after APK detection: %w", err) - } - return fReader, nil + return handleAPKFile(&fReader) } } @@ -473,6 +465,16 @@ func getFileExtension(chunkSkel *sources.Chunk) string { return ext } +// shouldHandleAsAPK checks if the file should be handled as an APK based on config and MIME type. +// Note: We can't extend the mimetype package with an APK detection function b/c it would require adjusting settings +// so that all files are fully read into a byte slice for detection (mimetype.SetLimit(0)), which would bloat memory. +// Instead we call the isAPKFile function in here after ensuring it's a zip/jar file and has an .apk extension. +func shouldHandleAsAPK(cfg readerConfig, fReader fileReader) bool { + return feature.EnableAPKHandler.Load() && + cfg.fileExtension == apkExt && + (fReader.mime.String() == string(zipMime) || fReader.mime.String() == string(jarMime)) +} + func isAPKFile(r *fileReader) (bool, error) { size, _ := r.Size() zipReader, err := zip.NewReader(r, size) @@ -499,3 +501,16 @@ func isAPKFile(r *fileReader) (bool, error) { return false, nil } + +// handleAPKFile configures the MIME type for an APK and resets the reader. +func handleAPKFile(fReader *fileReader) (fileReader, error) { + // Extend the MIME type to recognize APK files + mimetype.Lookup("application/zip").Extend(func(r []byte, l uint32) bool { return false }, string(apkMime), ".apk") + fReader.mime = mimetype.Lookup(string(apkMime)) + + // Reset reader for further handling + if _, err := fReader.Seek(0, io.SeekStart); err != nil { + return *fReader, fmt.Errorf("error resetting reader after APK detection: %w", err) + } + return *fReader, nil +} From 454037b983a9244a0f246b9587b34cc46755f688 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Thu, 14 Nov 2024 15:29:59 -0500 Subject: [PATCH 13/15] refactored keyword matching + ahocorasick --- hack/snifftest/main.go | 4 +- main.go | 3 +- pkg/engine/{ => defaults}/defaults.go | 72 +- pkg/engine/{ => defaults}/defaults_test.go | 2 +- pkg/engine/engine.go | 9 +- pkg/engine/engine_test.go | 17 +- pkg/engine/gcs_test.go | 3 +- pkg/engine/git_test.go | 5 +- pkg/engine/postman_test.go | 3 +- pkg/handlers/apk.go | 33 +- pkg/handlers/apk_keywords.go | 1672 -------------------- 11 files changed, 110 insertions(+), 1713 deletions(-) rename pkg/engine/{ => defaults}/defaults.go (97%) rename pkg/engine/{ => defaults}/defaults_test.go (99%) delete mode 100644 pkg/handlers/apk_keywords.go diff --git a/hack/snifftest/main.go b/hack/snifftest/main.go index 8f76c7a361ea..0068eb339ff7 100644 --- a/hack/snifftest/main.go +++ b/hack/snifftest/main.go @@ -17,7 +17,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" - "github.com/trufflesecurity/trufflehog/v3/pkg/engine" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/log" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb" @@ -247,7 +247,7 @@ func main() { func getAllScanners() map[string]detectors.Detector { allScanners := map[string]detectors.Detector{} - for _, s := range engine.DefaultDetectors() { + for _, s := range defaults.DefaultDetectors() { secretType := reflect.Indirect(reflect.ValueOf(s)).Type().PkgPath() path := strings.Split(secretType, "/")[len(strings.Split(secretType, "/"))-1] allScanners[path] = s diff --git a/main.go b/main.go index 81ac1bc8715f..abd635f07e5a 100644 --- a/main.go +++ b/main.go @@ -28,6 +28,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/config" "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/engine" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/feature" "github.com/trufflesecurity/trufflehog/v3/pkg/handlers" "github.com/trufflesecurity/trufflehog/v3/pkg/log" @@ -464,7 +465,7 @@ func run(state overseer.State) { // default detectors, which can be further filtered by the // user. The filters are applied by the engine and are only // subtractive. - Detectors: append(engine.DefaultDetectors(), conf.Detectors...), + Detectors: append(defaults.DefaultDetectors(), conf.Detectors...), Verify: !*noVerification, IncludeDetectors: *includeDetectors, ExcludeDetectors: *excludeDetectors, diff --git a/pkg/engine/defaults.go b/pkg/engine/defaults/defaults.go similarity index 97% rename from pkg/engine/defaults.go rename to pkg/engine/defaults/defaults.go index 1cb8776784df..1bc9266beb3a 100644 --- a/pkg/engine/defaults.go +++ b/pkg/engine/defaults/defaults.go @@ -1,6 +1,11 @@ -package engine +package defaults import ( + "bytes" + "strings" + "sync" + + ahocorasick "github.com/BobuSumisu/aho-corasick" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abbysale" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abuseipdb" @@ -811,8 +816,8 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb" ) -func DefaultDetectors() []detectors.Detector { - detectorList := []detectors.Detector{ +func buildDetectorList() []detectors.Detector { + return []detectors.Detector{ &abbysale.Scanner{}, // &abstract.Scanner{}, &abuseipdb.Scanner{}, @@ -1647,6 +1652,10 @@ func DefaultDetectors() []detectors.Detector { &zonkafeedback.Scanner{}, &zulipchat.Scanner{}, } +} + +func DefaultDetectors() []detectors.Detector { + detectorList := buildDetectorList() // Automatically initialize all detectors that implement // EndpointCustomizer and/or CloudProvider interfaces. @@ -1675,3 +1684,60 @@ func DefaultDetectorTypesImplementing[T any]() map[detectorspb.DetectorType]stru } return out } + +func defaultDetectorKeywords() []string { + allDetectors := buildDetectorList() + + // Remove keywords that cause lots of false positives. + var exclusions = []string{ + "AKIA", "SG.", "pat", "token", "gh", "github", "sql", "database", "http", "key", "api-", "sdk-", "float", "-us", "gh", "pat", "token", "sid", "http", "private", "key", "segment", "close", "protocols", "verifier", "box", "privacy", "dm", "sl.", "vf", "flat", + } + + var keywords []string + exclusionSet := make(map[string]struct{}) + for _, excl := range exclusions { + exclusionSet[strings.ToLower(excl)] = struct{}{} + } + + // Aggregate all keywords from detectors. + for _, detector := range allDetectors { + for _, kw := range detector.Keywords() { + kwLower := strings.ToLower(kw) + if _, excluded := exclusionSet[kwLower]; !excluded { + keywords = append(keywords, kwLower) + } + } + } + return keywords +} + +// DefaultDetectorKeywordMatcher encapsulates the Aho-Corasick trie for keyword matching. +type DefaultDetectorKeywordMatcher struct { + mu sync.RWMutex + trie *ahocorasick.Trie +} + +// NewDefaultDetectorKeywordMatcher creates a new DefaultDetectorKeywordMatcher. +func NewDefaultDetectorKeywordMatcher() *DefaultDetectorKeywordMatcher { + keywords := defaultDetectorKeywords() + return &DefaultDetectorKeywordMatcher{trie: ahocorasick.NewTrieBuilder().AddStrings(keywords).Build()} +} + +// FindKeywords scans the input text and returns a slice of matched keywords. +func (km *DefaultDetectorKeywordMatcher) FindKeywords(text []byte) []string { + km.mu.RLock() + defer km.mu.RUnlock() + + matches := km.trie.Match(bytes.ToLower(text)) + found := make([]string, 0, len(matches)) + seen := make(map[string]struct{}) // To avoid duplicate entries + + for _, match := range matches { + keyword := match.MatchString() + if _, exists := seen[keyword]; !exists { + found = append(found, keyword) + seen[keyword] = struct{}{} + } + } + return found +} diff --git a/pkg/engine/defaults_test.go b/pkg/engine/defaults/defaults_test.go similarity index 99% rename from pkg/engine/defaults_test.go rename to pkg/engine/defaults/defaults_test.go index 6131b211f42b..cfb4c1c908d2 100644 --- a/pkg/engine/defaults_test.go +++ b/pkg/engine/defaults/defaults_test.go @@ -1,4 +1,4 @@ -package engine +package defaults import ( "testing" diff --git a/pkg/engine/engine.go b/pkg/engine/engine.go index 4d07cbe4a692..9ec11dccc181 100644 --- a/pkg/engine/engine.go +++ b/pkg/engine/engine.go @@ -21,6 +21,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" "github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/giturl" "github.com/trufflesecurity/trufflehog/v3/pkg/output" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb" @@ -345,7 +346,7 @@ func (e *Engine) setDefaults(ctx context.Context) { // Only use the default detectors if none are provided. if len(e.detectors) == 0 { - e.detectors = DefaultDetectors() + e.detectors = defaults.DefaultDetectors() } if e.dispatcher == nil { @@ -398,7 +399,7 @@ func parseCustomVerifierEndpoints(endpoints map[string]string) (map[config.Detec return nil, fmt.Errorf("invalid verifier detector configuration id %v: %w", id, err) } // Extra check for endpoint customization. - isEndpointCustomizer := DefaultDetectorTypesImplementing[detectors.EndpointCustomizer]() + isEndpointCustomizer := defaults.DefaultDetectorTypesImplementing[detectors.EndpointCustomizer]() for id := range customVerifierEndpoints { if _, ok := isEndpointCustomizer[id.ID]; !ok { return nil, fmt.Errorf("endpoint provided but detector does not support endpoint customization: %w", err) @@ -435,7 +436,7 @@ func getWithDetectorID[T any](d detectors.Detector, data map[config.DetectorID]T // verifyDetectorsAreVersioner checks all keys in a provided map to verify the // provided type is actually a Versioner. func verifyDetectorsAreVersioner[T any](data map[config.DetectorID]T) (config.DetectorID, error) { - isVersioner := DefaultDetectorTypesImplementing[detectors.Versioner]() + isVersioner := defaults.DefaultDetectorTypesImplementing[detectors.Versioner]() for id := range data { if id.Version == 0 { // Version not provided. @@ -564,7 +565,7 @@ func (e *Engine) GetDetectorsMetrics() map[string]time.Duration { e.metrics.mu.RLock() defer e.metrics.mu.RUnlock() - result := make(map[string]time.Duration, len(DefaultDetectors())) + result := make(map[string]time.Duration, len(defaults.DefaultDetectors())) for detectorName, durations := range e.DetectorAvgTime() { var total time.Duration for _, d := range durations { diff --git a/pkg/engine/engine_test.go b/pkg/engine/engine_test.go index 9be786d93742..5901e67d2d78 100644 --- a/pkg/engine/engine_test.go +++ b/pkg/engine/engine_test.go @@ -22,6 +22,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" "github.com/trufflesecurity/trufflehog/v3/pkg/engine/ahocorasick" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/custom_detectorspb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/sourcespb" @@ -259,7 +260,7 @@ func TestEngine_DuplicateSecrets(t *testing.T) { conf := Config{ Concurrency: 1, Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sourceManager, Dispatcher: NewPrinterDispatcher(new(discardPrinter)), @@ -360,7 +361,7 @@ even more`, conf := Config{ Concurrency: 1, Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sourceManager, Dispatcher: lineCapturer, @@ -891,12 +892,12 @@ func TestLikelyDuplicate(t *testing.T) { // Initialize detectors // (not actually calling detector FromData or anything, just using detector struct for key creation) detectorA := ahocorasick.DetectorMatch{ - Key: ahocorasick.CreateDetectorKey(DefaultDetectors()[0]), - Detector: DefaultDetectors()[0], + Key: ahocorasick.CreateDetectorKey(defaults.DefaultDetectors()[0]), + Detector: defaults.DefaultDetectors()[0], } detectorB := ahocorasick.DetectorMatch{ - Key: ahocorasick.CreateDetectorKey(DefaultDetectors()[1]), - Detector: DefaultDetectors()[1], + Key: ahocorasick.CreateDetectorKey(defaults.DefaultDetectors()[1]), + Detector: defaults.DefaultDetectors()[1], } // Define test cases @@ -1037,7 +1038,7 @@ func TestFilterResults_CustomCleaner(t *testing.T) { } func BenchmarkPopulateMatchingDetectors(b *testing.B) { - allDetectors := DefaultDetectors() + allDetectors := defaults.DefaultDetectors() ac := ahocorasick.NewAhoCorasickCore(allDetectors) // Generate sample data with keywords from detectors. @@ -1164,7 +1165,7 @@ func TestEngineInitializesCloudProviderDetectors(t *testing.T) { ctx := context.Background() conf := Config{ Concurrency: 1, - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sources.NewManager(), Dispatcher: NewPrinterDispatcher(new(discardPrinter)), diff --git a/pkg/engine/gcs_test.go b/pkg/engine/gcs_test.go index e634819810f4..d73b0bf5e84c 100644 --- a/pkg/engine/gcs_test.go +++ b/pkg/engine/gcs_test.go @@ -8,6 +8,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/sources" ) @@ -72,7 +73,7 @@ func TestScanGCS(t *testing.T) { conf := Config{ Concurrency: 1, Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sourceManager, Dispatcher: NewPrinterDispatcher(new(discardPrinter)), diff --git a/pkg/engine/git_test.go b/pkg/engine/git_test.go index a20ae7da627c..6bac1af992ab 100644 --- a/pkg/engine/git_test.go +++ b/pkg/engine/git_test.go @@ -10,6 +10,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/pb/source_metadatapb" "github.com/trufflesecurity/trufflehog/v3/pkg/sources" "github.com/trufflesecurity/trufflehog/v3/pkg/sources/git" @@ -73,7 +74,7 @@ func TestGitEngine(t *testing.T) { conf := Config{ Concurrency: 1, Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: true, SourceManager: sourceManager, Dispatcher: NewPrinterDispatcher(new(discardPrinter)), @@ -135,7 +136,7 @@ func BenchmarkGitEngine(b *testing.B) { conf := Config{ Concurrency: runtime.NumCPU(), Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sourceManager, Dispatcher: NewPrinterDispatcher(new(discardPrinter)), diff --git a/pkg/engine/postman_test.go b/pkg/engine/postman_test.go index 37830a9b92e8..448e59b6a07a 100644 --- a/pkg/engine/postman_test.go +++ b/pkg/engine/postman_test.go @@ -7,6 +7,7 @@ import ( "github.com/trufflesecurity/trufflehog/v3/pkg/context" "github.com/trufflesecurity/trufflehog/v3/pkg/decoders" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/sources" ) @@ -55,7 +56,7 @@ func TestPostmanEngine(t *testing.T) { conf := Config{ Concurrency: 1, Decoders: decoders.DefaultDecoders(), - Detectors: DefaultDetectors(), + Detectors: defaults.DefaultDetectors(), Verify: false, SourceManager: sourceManager, Dispatcher: NewPrinterDispatcher(new(discardPrinter)), diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index bc94a984bfe8..1f565557d595 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -16,6 +16,7 @@ import ( "github.com/avast/apkparser" logContext "github.com/trufflesecurity/trufflehog/v3/pkg/context" + "github.com/trufflesecurity/trufflehog/v3/pkg/engine/defaults" "github.com/trufflesecurity/trufflehog/v3/pkg/iobuf" ) @@ -51,11 +52,17 @@ var ( ) // apkHandler handles apk archive formats. -type apkHandler struct{ *defaultHandler } +type apkHandler struct { + keywordMatcher *defaults.DefaultDetectorKeywordMatcher + *defaultHandler +} // newapkHandler creates an apkHandler. func newAPKHandler() *apkHandler { - return &apkHandler{defaultHandler: newDefaultHandler(apkHandlerType)} + return &apkHandler{ + defaultHandler: newDefaultHandler(apkHandlerType), + keywordMatcher: defaults.NewDefaultDetectorKeywordMatcher(), + } } // HandleFile processes apk formatted files. @@ -159,7 +166,7 @@ func (h *apkHandler) processFile(ctx logContext.Context, file *zip.File, resTabl return fmt.Errorf("failed to decode xml file %s: %w", file.Name, err) } case ".dex": - contentReader, err = processDexFile(ctx, rdr) + contentReader, err = h.processDexFile(ctx, rdr) if err != nil { return fmt.Errorf("failed to decode dex file %s: %w", file.Name, err) } @@ -258,15 +265,13 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, e } // processDexFile decodes the dex file and returns the relevant instructions -func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { +func (h *apkHandler) processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { // dextk.Read() requires an io.ReaderAt interface dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr)) if err != nil { return nil, err } - defaultKeywords := DefaultDetectorKeywords() - // Get relevant instruction data from the dex file var dexOutput bytes.Buffer ci := dexReader.ClassIter() @@ -275,14 +280,14 @@ func processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error if err != nil { break } - processDexClass(ctx, dexReader, node, defaultKeywords, &dexOutput) + h.processDexClass(ctx, dexReader, node, &dexOutput) } return &dexOutput, nil } // processDexClass processes a single class node's methods -func processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk.ClassNode, defaultKeywords map[string]struct{}, dexOutput *bytes.Buffer) { +func (h *apkHandler) processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk.ClassNode, dexOutput *bytes.Buffer) { var classOutput bytes.Buffer methodValues := make(map[string]struct{}) @@ -295,21 +300,13 @@ func processDexClass(ctx logContext.Context, dexReader *dextk.Reader, node dextk // Write the classOutput to the dexOutput dexOutput.Write(classOutput.Bytes()) - // Stringify the classOutput value for case-insensitive keyword matching - classOutputLower := strings.ToLower(classOutput.String()) - // Check if classOutput contains any of the default keywords - foundKeywords := make(map[string]struct{}) - for keyword := range defaultKeywords { - if strings.Contains(classOutputLower, keyword) { - foundKeywords[keyword] = struct{}{} // Directly add to the map - } - } + foundKeywords := h.keywordMatcher.FindKeywords(classOutput.Bytes()) // For each found keyword, create a keyword:value pair and append to dexOutput var keyValuePairs bytes.Buffer for str := range methodValues { - for keyword := range foundKeywords { + for _, keyword := range foundKeywords { keyValuePairs.Reset() keyValuePairs.WriteString(keyword + ":" + str + "\n") dexOutput.Write(keyValuePairs.Bytes()) diff --git a/pkg/handlers/apk_keywords.go b/pkg/handlers/apk_keywords.go deleted file mode 100644 index 6ea6ed264734..000000000000 --- a/pkg/handlers/apk_keywords.go +++ /dev/null @@ -1,1672 +0,0 @@ -package handlers - -import ( - "strings" - - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abbysale" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/abuseipdb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/accuweather" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/adafruitio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/adzuna" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aeroworkflow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/agora" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aha" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airbrakeprojectkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airbrakeuserkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airship" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airtableapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/airvisual" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aiven" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alchemy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alegra" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aletheiaapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/algoliaadminkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alibaba" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/alienvault" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/allsports" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/amadeus" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ambee" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/amplitudeapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/anthropic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/anypoint" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apacta" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/api2cart" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apideck" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apiflash" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apifonica" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apilayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apimatic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apimetrics" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apitemplate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appcues" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appfollow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appointedd" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appoptics" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/appsynergy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/apptivo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/artsy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/asanaoauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/asanapersonalaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/assemblyai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atera" - atlassianv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v1" - atlassianv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/atlassian/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/audd" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/auth0managementapitoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autodesk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autoklose" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/autopilot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/avazapersonalaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aviationstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aws" - awssessionkey "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/awssessionkeys" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/axonaut" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/aylien" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ayrshare" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azure" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurebatch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurecontainerregistry" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuredevopspersonalaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchadminkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azuresearchquerykey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/azurestorage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bannerbear" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/baremetrics" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/beamer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/beebole" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/besnappy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/besttime" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/betterstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/billomat" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitbar" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitcoinaverage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitfinex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitlyaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bitmex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blazemeter" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blitapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blocknative" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/blogger" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bombbomb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/boostnote" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/borgbase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/box" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/boxoauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/braintreepayments" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/brandfetch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/browserstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/browshot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bscscan" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buddyns" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/budibase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bugherd" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bugsnag" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buildkite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buildkitev2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bulbul" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/bulksms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/buttercms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/caflou" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calendarific" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calendlyapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/calorieninja" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/campayn" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cannyio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/capsulecrm" - captainDataV1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/captaindata/v1" - captainDataV2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/captaindata/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/carboninterface" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cashboard" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/caspio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/censys" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/centralstationcrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cexio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chartmogul" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chatbot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/chatfule" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checklyhq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checkout" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/checkvist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cicero" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/circleci" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clarifai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clearbit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clickhelp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clicksendsms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clickuppersonaltoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cliengo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clinchpad" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clockify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clockworksms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/closecrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudconvert" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudelements" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflareapitoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflarecakey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudflareglobalapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudimage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudmersive" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudplan" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloudsmith" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloverly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cloze" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/clustdoc" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coda" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codacy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codeclimate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codemagic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/codequiry" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinbase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinbase_waas" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinlayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coinlib" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/collect2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/column" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/commercejs" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/commodities" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/companyhub" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/confluent" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/contentfulpersonalaccesstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/conversiontools" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convertapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convertkit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/convier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/copper" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/couchbase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/countrylayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/courier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/coveralls" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/craftmypdf" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/crowdin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/cryptocompare" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencycloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencyfreaks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencylayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currencyscoop" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/currentsapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/customerguru" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/customerio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/d7network" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dandelion" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dareboost" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/databox" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/databrickstoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/datadogtoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/datagov" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deepai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deepgram" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/delighted" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/demio" - denodeploy "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deno" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/deputy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/detectify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/detectlanguage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dfuse" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/diffbot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/diggernaut" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/digitaloceantoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/digitaloceanv2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/discordbottoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/discordwebhook" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/disqus" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ditto" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dnscheck" - dockerhubv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dockerhub/v1" - dockerhubv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dockerhub/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/docparser" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/documo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/docusign" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/doppler" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dotmailer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dovico" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dronahq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/droneci" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dropbox" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/duply" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dwolla" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dynalist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/dyspatch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eagleeyenetworks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/easyinsight" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ecostruxureit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/edamam" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/edenai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eightxeight" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elasticemail" - elevenlabsv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elevenlabs/v1" - elevenlabsv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/elevenlabs/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/enablex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/endorlabs" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/enigma" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/envoyapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eraser" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/etherscan" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ethplorer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/eventbrite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/everhour" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exchangerateapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exchangeratesapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/exportsdk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/extractorapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/facebookoauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/faceplusplus" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fastforex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fastlypersonaltoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/feedier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fetchrss" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fibery" - figmapersonalaccesstokenv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/figmapersonalaccesstoken/v1" - figmapersonalaccesstokenv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/figmapersonalaccesstoken/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fileio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/finage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/financialmodelingprep" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/findl" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/finnhub" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fixerio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flatio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fleetbase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flickr" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightlabs" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flightstats" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/float" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flowflu" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/flutterwave" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fmfw" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formbucket" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formcraft" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/formsite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/foursquare" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/frameio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/freshbooks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/freshdesk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/front" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ftp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fulcrum" - fullstoryv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fullstory/v1" - fullstoryv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fullstory/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/fxmarket" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gcp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gcpapplicationdefaultcredentials" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geckoboard" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gemini" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gengo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geoapify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocode" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocodify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geocodio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/geoipifi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getgeoapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getgist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getresponse" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/getsandbox" - githubv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github/v1" - githubv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/github_oauth2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/githubapp" - gitlabv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitlab/v1" - gitlabv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitlab/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gitter" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/glassnode" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gocanvas" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gocardless" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/goodday" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/googleoauth2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/grafana" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/grafanaserviceaccount" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/graphcms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/graphhopper" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/groovehq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/groq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gtmetrix" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/guardianapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gumroad" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/gyazo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/happyscribe" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/harvest" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hellosign" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/helpcrunch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/helpscout" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hereapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/heroku" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hiveage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/holidayapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/holistic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/honeycomb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/host" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/html2pdf" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hubspotapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/huggingface" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/humanity" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hunter" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hybiscus" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/hypertrack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iconfinder" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iexapis" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/iexcloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/imagekit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/imagga" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/impala" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/infura" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/insightly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/instabot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/instamojo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intercom" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/interseller" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intra42" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/intrinio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/invoiceocean" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ip2location" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipgeolocation" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipinfodb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipquality" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ipstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jdbc" - jiratokenv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jiratoken/v1" - jiratokenv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jiratoken/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jotform" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jumpcloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/jupiterone" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/juro" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanban" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kanbantool" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/karmacrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/keenio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kickbox" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/klaviyo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/klipfolio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/knapsackpro" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kontent" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kraken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kucoin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/kylas" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/languagelayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/larksuite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/larksuiteapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/launchdarkly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ldap" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/leadfeeder" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lemlist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lemonsqueezy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lendflow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lessannoyingcrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lexigram" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linearapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linenotify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/linkpreview" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/liveagent" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/livestorm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loadmill" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/locationiq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loggly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loginradius" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/logzio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lokalisetoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/loyverse" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/lunchmoney" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/luno" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/madkudu" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/magicbell" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/magnetic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailboxlayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailchimp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailerlite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailgun" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailjetbasicauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailjetsms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailmodo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mailsac" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mandrill" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mapbox" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mapquest" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/marketstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mattermostpersonaltoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mavenlink" - maxmindlicensev1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/maxmindlicense/v1" - maxmindlicensev2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/maxmindlicense/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meaningcloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mediastack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meistertask" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/meraki" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mesibo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/messagebird" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metaapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metabase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/metrilo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/microsoftteamswebhook" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mindmeister" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/miro" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mixmax" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mockaroo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moderation" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/monday" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mongodb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/monkeylearn" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moonclerk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moosend" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/moralis" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mrticktock" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/mux" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/myfreshworks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/myintervals" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nethunt" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/netlify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/netsuite" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/neutrinoapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newrelicpersonalapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newsapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/newscatcher" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nexmoapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nftport" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ngc" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ngrok" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nicereply" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nightfall" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nimble" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/noticeable" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/notion" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nozbeteams" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/npmtoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/npmtokenv2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nugetapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/numverify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nutritionix" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nvapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/nylas" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/oanda" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/okta" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/omnisend" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onedesk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onelogin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onepagecrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onesignal" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/onfleet" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/oopspam" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/opencagedata" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openuv" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openvpn" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/openweather" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/opsgenie" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/optimizely" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/overloop" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/owlbot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/packagecloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pagarme" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pagerdutyapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pandadoc" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pandascore" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paperform" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paralleldots" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parsehub" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parsers" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/parseur" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/partnerstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pastebin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paydirtapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paymoapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paymongo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paypaloauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/paystack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pdflayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pdfshift" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/peopledatalabs" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pepipost" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/percy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pinata" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pipedream" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pipedrive" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pivotaltracker" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pixabay" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planetscale" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planetscaledb" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planviewleankit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/planyo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/plivo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/podio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pollsapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/poloniex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/polygon" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/portainer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/portainertoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/positionstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postageapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postbacks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postgres" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/posthog" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postman" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/postmark" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/powrbot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prefect" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/privacy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/privatekey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prodpad" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/prospectcrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/protocolsio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/proxycrawl" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pubnubpublishkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pubnubsubscriptionkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pulumi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/purestake" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pushbulletapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pusherchannelkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/pypi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qualaroo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/qubole" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rabbitmq" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/railwayapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ramp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rapidapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rawg" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/razorpay" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/reachmail" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/readme" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/reallysimplesystems" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rebrandly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rechargepayments" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/redis" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/refiner" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rentman" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/repairshopr" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/replicate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/replyio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/requestfinance" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpackhtmltopdfapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/restpackscreenshotapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/revampcrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ringcentral" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ritekit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/roaring" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/robinhoodcrypto" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rocketreach" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rockset" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/roninapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/route4me" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rownd" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/rubygems" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/runrunit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/saladcloudapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesblink" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salescookie" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesflare" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesforce" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/salesmate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/satismeterprojectkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/satismeterwritekey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/saucelabs" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scalewaykey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scalr" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapeowl" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scraperapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scraperbox" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapestack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapfly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapingant" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrapingbee" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/screenshotapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/screenshotlayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/scrutinizerci" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/securitytrails" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/segmentapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/selectpdf" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/semaphore" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendbird" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendbirdorganizationapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendgrid" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sendinbluev2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sentrytoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/serphouse" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/serpstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sheety" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sherpadesk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shipday" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shodankey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shopify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shortcut" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shotstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shutterstock" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/shutterstockoauth" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signable" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signalwire" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signaturit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/signupgenius" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sigopt" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simfin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simplesat" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simplynoted" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/simvoly" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sinchmessage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sirv" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/siteleaf" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/skrappio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/skybiometry" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/slack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/slackwebhook" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smartsheets" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smartystreets" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/smooch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snipcart" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snowflake" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/snykkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sonarcloud" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sourcegraph" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sourcegraphcody" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/speechtextai" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/splunkobservabilitytoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/spoonacular" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sportsmonk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sqlserver" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/square" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squareapp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squarespace" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/squareup" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sslmate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuscake" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuspage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/statuspal" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stitchdata" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stockdata" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storecove" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stormboard" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stormglass" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storyblok" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/storychief" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/strava" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/streak" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stripe" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stripo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/stytch" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sugester" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/sumologickey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/supabasetoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/supernotesapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveyanyplace" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveybot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/surveysparrow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/survicate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/swell" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/swiftype" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tailscale" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tallyfy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tatumio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/taxjar" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamgate" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkcrm" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkdesk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teamworkspaces" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/technicalanalysisapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tefter" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/telegrambottoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/teletype" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/telnyx" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/terraformcloudpersonaltoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/testingbot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/textmagic" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/theoddsapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/thinkific" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/thousandeyes" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ticketmaster" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tickettailor" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tiingo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/timecamp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/timezoneapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tineswebhook" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tmetric" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/todoist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tokeet" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tomorrowio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tomtom" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tradier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/transferwise" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/travelpayouts" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/travisci" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/trelloapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/trufflehogenterprise" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twelvedata" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twilio" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twist" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitch" - twitterv1 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitter/v1" - twitterv2 "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitter/v2" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/twitterconsumerkey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/tyntec" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/typeform" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/typetalk" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/ubidots" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uclassify" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unifyid" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unplugg" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/unsplash" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/upcdatabase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uplead" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uploadcare" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uptimerobot" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/upwave" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/uri" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/urlscan" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/userflow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/userstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vagrantcloudpersonaltoken" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vatlayer" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vbout" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vercel" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/verifier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/verimail" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/veriphone" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/versioneye" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/viewneo" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/virustotal" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/visualcrossing" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voiceflow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voicegain" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/voodoosms" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vouchery" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vpnapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vultrapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/vyte" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/walkscore" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/weatherbit" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/weatherstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/web3storage" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webflow" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webscraper" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/webscraping" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/websitepulse" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/whoxy" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wistia" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wiz" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worksnaps" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/workstack" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worldcoinindex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/worldweather" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/wrike" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yandex" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yelp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/youneedabudget" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/yousign" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/youtubeapikey" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zendeskapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenkitapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenrows" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenscrape" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zenserp" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zeplin" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zerobounce" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zerotier" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipbooks" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipcodeapi" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zipcodebase" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zonkafeedback" - "github.com/trufflesecurity/trufflehog/v3/pkg/detectors/zulipchat" -) - -// Note: If pkg/engine/defaults.go lived outside of the engine package, we wouldn't need this file. -// this is due to circular import issues related to importing the engine package here. -func DefaultDetectorKeywords() map[string]struct{} { - detectorList := []detectors.Detector{ - &heroku.Scanner{}, - &pypi.Scanner{}, - &linearapi.Scanner{}, - &alibaba.Scanner{}, - aws.New(), - awssessionkey.New(), - &slack.Scanner{}, // has 4 secret types - &gitlabv1.Scanner{}, - &gitlabv2.Scanner{}, - &sendgrid.Scanner{}, - &mailchimp.Scanner{}, - &okta.Scanner{}, - &onelogin.Scanner{}, - &dropbox.Scanner{}, - &stripe.Scanner{}, - &square.Scanner{}, - &squareapp.Scanner{}, - &pivotaltracker.Scanner{}, - &githubv1.Scanner{}, - &githubv2.Scanner{}, - &twilio.Scanner{}, - &gcp.Scanner{}, - &circleci.Scanner{}, - &uri.Scanner{}, - &razorpay.Scanner{}, - &jdbc.Scanner{}, - &privatekey.Scanner{}, - &maxmindlicensev1.Scanner{}, - &maxmindlicensev2.Scanner{}, - &airtableapikey.Scanner{}, - &bitfinex.Scanner{}, - &telegrambottoken.Scanner{}, - &clarifai.Scanner{}, - &cloudflareapitoken.Scanner{}, - &cloudflarecakey.Scanner{}, - &cloudflareglobalapikey.Scanner{}, - &terraformcloudpersonaltoken.Scanner{}, - &asanapersonalaccesstoken.Scanner{}, - &trelloapikey.Scanner{}, - &mapbox.Scanner{}, - &mailgun.Scanner{}, - &mailjetbasicauth.Scanner{}, - &auth0managementapitoken.Scanner{}, - // &auth0oauth.Scanner{}, - &mailjetsms.Scanner{}, - &digitaloceantoken.Scanner{}, - &paystack.Scanner{}, - &contentfulpersonalaccesstoken.Scanner{}, - &hunter.Scanner{}, - &sendinbluev2.Scanner{}, - &elasticemail.Scanner{}, - &messagebird.Scanner{}, - µsoftteamswebhook.Scanner{}, - &plivo.Scanner{}, - &rapidapi.Scanner{}, - &discordbottoken.Scanner{}, - &netlify.Scanner{}, - &hubspotapikey.Scanner{}, - &travisci.Scanner{}, - &scalewaykey.Scanner{}, - &fastlypersonaltoken.Scanner{}, - &snykkey.Scanner{}, - &postmark.Scanner{}, - &figmapersonalaccesstokenv1.Scanner{}, - &figmapersonalaccesstokenv2.Scanner{}, - &webex.Scanner{}, - &segmentapikey.Scanner{}, - &vultrapikey.Scanner{}, - // &ibmclouduserkey.Scanner{}, - &pepipost.Scanner{}, - &postman.Scanner{}, - &nexmoapikey.Scanner{}, - &newrelicpersonalapikey.Scanner{}, - &pushbulletapikey.Scanner{}, - &paypaloauth.Scanner{}, - &datadogtoken.Scanner{}, - &airbrakeuserkey.Scanner{}, - &sumologickey.Scanner{}, - &pagerdutyapikey.Scanner{}, - &jiratokenv1.Scanner{}, - jiratokenv2.Scanner{}, - &airbrakeprojectkey.Scanner{}, - &calendlyapikey.Scanner{}, - &bitlyaccesstoken.Scanner{}, - &youtubeapikey.Scanner{}, - &coinbase.Scanner{}, - &confluent.Scanner{}, - &zendeskapi.Scanner{}, - &facebookoauth.Scanner{}, - &litudeapikey.Scanner{}, - &pubnubpublishkey.Scanner{}, - &sentrytoken.Scanner{}, - &githubapp.Scanner{}, - &slackwebhook.Scanner{}, - // &spotifykey.Scanner{}, - &discordwebhook.Scanner{}, - // &zapierwebhook.Scanner{}, - &pubnubsubscriptionkey.Scanner{}, - // &plaidkey.Scanner{}, - &calendarific.Scanner{}, - &jumpcloud.Scanner{}, - ¬ion.Scanner{}, - &droneci.Scanner{}, - &ipstack.Scanner{}, - // &adobeio.Scanner{}, - &sslmate.Scanner{}, - &buildkite.Scanner{}, - &shodankey.Scanner{}, - &lokalisetoken.Scanner{}, - &twelvedata.Scanner{}, - &intercom.Scanner{}, - &d7network.Scanner{}, - &buttercms.Scanner{}, - &taxjar.Scanner{}, - &zerobounce.Scanner{}, - &fixerio.Scanner{}, - &verimail.Scanner{}, - &helpscout.Scanner{}, - &beamer.Scanner{}, - &liveagent.Scanner{}, - &pipedrive.Scanner{}, - &cannyio.Scanner{}, - &vercel.Scanner{}, - &posthog.Scanner{}, - &mandrill.Scanner{}, - &mailmodo.Scanner{}, - &flutterwave.Scanner{}, - &algoliaadminkey.Scanner{}, - &mattermostpersonaltoken.Scanner{}, - &splunkobservabilitytoken.Scanner{}, - &simvoly.Scanner{}, - &surveysparrow.Scanner{}, - &survicate.Scanner{}, - &omnisend.Scanner{}, - &getgist.Scanner{}, - &groovehq.Scanner{}, - &newsapi.Scanner{}, - &helpcrunch.Scanner{}, - // &linemessaging.Scanner{}, - &launchdarkly.Scanner{}, - &salesflare.Scanner{}, - &chatbot.Scanner{}, - &nftport.Scanner{}, - &coveralls.Scanner{}, - &rubygems.Scanner{}, - &webflow.Scanner{}, - &graphcms.Scanner{}, - &anypoint.Scanner{}, - &frameio.Scanner{}, - &zonkafeedback.Scanner{}, - &surveybot.Scanner{}, - &mailerlite.Scanner{}, - &qualaroo.Scanner{}, - &simplesat.Scanner{}, - &convertkit.Scanner{}, - &clockworksms.Scanner{}, - &apideck.Scanner{}, - &zeplin.Scanner{}, - &myfreshworks.Scanner{}, - &satismeterwritekey.Scanner{}, - &customerio.Scanner{}, - &clicksendsms.Scanner{}, - &copper.Scanner{}, - &skrappio.Scanner{}, - &delighted.Scanner{}, - &abbysale.Scanner{}, - &feedier.Scanner{}, - &powrbot.Scanner{}, - &magnetic.Scanner{}, - &polygon.Scanner{}, - &smartsheets.Scanner{}, - // &wepay.Scanner{}, - // &artifactory.Scanner{}, - &linenotify.Scanner{}, - &float.Scanner{}, - &monday.Scanner{}, - // &debounce.Scanner{}, - &guardianapi.Scanner{}, - &squarespace.Scanner{}, - &wrike.Scanner{}, - &storyblok.Scanner{}, - &salesblink.Scanner{}, - &campayn.Scanner{}, - &clinchpad.Scanner{}, - &companyhub.Scanner{}, - &dyspatch.Scanner{}, - &harvest.Scanner{}, - &moosend.Scanner{}, - &openweather.Scanner{}, - &siteleaf.Scanner{}, - &flowflu.Scanner{}, - &nimble.Scanner{}, - &lessannoyingcrm.Scanner{}, - &nethunt.Scanner{}, - &apptivo.Scanner{}, - &capsulecrm.Scanner{}, - &insightly.Scanner{}, - &kylas.Scanner{}, - &onepagecrm.Scanner{}, - &reallysimplesystems.Scanner{}, - &timezoneapi.Scanner{}, - &everhour.Scanner{}, - &jotform.Scanner{}, - &workstack.Scanner{}, - &clockify.Scanner{}, - &karmacrm.Scanner{}, - &revampcrm.Scanner{}, - // &apollo.Scanner{}, - &artsy.Scanner{}, - &vpnapi.Scanner{}, - &dnscheck.Scanner{}, - // &toggltrack.Scanner{}, - ðplorer.Scanner{}, - &fulcrum.Scanner{}, - &metrilo.Scanner{}, - &salescookie.Scanner{}, - &geoipifi.Scanner{}, - &yandex.Scanner{}, - &airship.Scanner{}, - &refiner.Scanner{}, - &pandadoc.Scanner{}, - &juro.Scanner{}, - &documo.Scanner{}, - &docusign.Scanner{}, - &roninapp.Scanner{}, - &doppler.Scanner{}, - &codacy.Scanner{}, - &gocardless.Scanner{}, - // The service currently has blocked requests with a "TruffleHog" UserAgent. - // &alconost.Scanner{}, - &rawg.Scanner{}, - &accuweather.Scanner{}, - &tomtom.Scanner{}, - &teamgate.Scanner{}, - &bulbul.Scanner{}, - ¢ralstationcrm.Scanner{}, - &tyntec.Scanner{}, - &axonaut.Scanner{}, - &kraken.Scanner{}, - &easyinsight.Scanner{}, - &closecrm.Scanner{}, - &customerguru.Scanner{}, - &prospectcrm.Scanner{}, - &surveyanyplace.Scanner{}, - &ubidots.Scanner{}, - &elevenlabsv1.Scanner{}, - &elevenlabsv2.Scanner{}, - sinchmessage.Scanner{}, - ayrshare.Scanner{}, - mailboxlayer.Scanner{}, - satismeterprojectkey.Scanner{}, - pusherchannelkey.Scanner{}, - imagekit.Scanner{}, - asanaoauth.Scanner{}, - // getemail.Scanner{}, - rocketreach.Scanner{}, - // raven.Scanner{}, - kontent.Scanner{}, - cloudplan.Scanner{}, - autoklose.Scanner{}, - appcues.Scanner{}, - // getemails.Scanner{}, - leadfeeder.Scanner{}, - uplead.Scanner{}, - audd.Scanner{}, - bitbar.Scanner{}, - // abstract.Scanner{}, - exchangerateapi.Scanner{}, - currencycloud.Scanner{}, - finage.Scanner{}, - adafruitio.Scanner{}, - storychief.Scanner{}, - tradier.Scanner{}, - hellosign.Scanner{}, - dwolla.Scanner{}, - voicegain.Scanner{}, - ambee.Scanner{}, - bannerbear.Scanner{}, - hypertrack.Scanner{}, - holidayapi.Scanner{}, - currencylayer.Scanner{}, - coinlib.Scanner{}, - agora.Scanner{}, - marketstack.Scanner{}, - exchangeratesapi.Scanner{}, - faceplusplus.Scanner{}, - baremetrics.Scanner{}, - getgeoapi.Scanner{}, - alegra.Scanner{}, - tatumio.Scanner{}, - deepgram.Scanner{}, - brandfetch.Scanner{}, - typeform.Scanner{}, - fxmarket.Scanner{}, - ipapi.Scanner{}, - clearbit.Scanner{}, - spoonacular.Scanner{}, - finnhub.Scanner{}, - checkout.Scanner{}, - // mixpanel.Scanner{}, - ipgeolocation.Scanner{}, - tmetric.Scanner{}, - fullstoryv1.Scanner{}, - fullstoryv2.Scanner{}, - noticeable.Scanner{}, - currencyscoop.Scanner{}, - scrapingbee.Scanner{}, - todoist.Scanner{}, - owlbot.Scanner{}, - keenio.Scanner{}, - dovico.Scanner{}, - html2pdf.Scanner{}, - yousign.Scanner{}, - fleetbase.Scanner{}, - cloudmersive.Scanner{}, - imagga.Scanner{}, - visualcrossing.Scanner{}, - bugsnag.Scanner{}, - runrunit.Scanner{}, - assemblyai.Scanner{}, - loyverse.Scanner{}, - swell.Scanner{}, - crowdin.Scanner{}, - nutritionix.Scanner{}, - mapquest.Scanner{}, - clickuppersonaltoken.Scanner{}, - tiingo.Scanner{}, - billomat.Scanner{}, - blogger.Scanner{}, - front.Scanner{}, - apify.Scanner{}, - dynalist.Scanner{}, - mavenlink.Scanner{}, - sportsmonk.Scanner{}, - bitcoinaverage.Scanner{}, - zipcodeapi.Scanner{}, - gyazo.Scanner{}, - // sparkpost.Scanner{}, - locationiq.Scanner{}, - saucelabs.Scanner{}, - enigma.Scanner{}, - clickhelp.Scanner{}, - adzuna.Scanner{}, - vouchery.Scanner{}, - currentsapi.Scanner{}, - flickr.Scanner{}, - apiflash.Scanner{}, - geocodio.Scanner{}, - datagov.Scanner{}, - tomorrowio.Scanner{}, - lexigram.Scanner{}, - securitytrails.Scanner{}, - foursquare.Scanner{}, - browshot.Scanner{}, - edamam.Scanner{}, - alienvault.Scanner{}, - protocolsio.Scanner{}, - coinlayer.Scanner{}, - commercejs.Scanner{}, - detectlanguage.Scanner{}, - worldcoinindex.Scanner{}, - airvisual.Scanner{}, - sheety.Scanner{}, - financialmodelingprep.Scanner{}, - stormglass.Scanner{}, - oopspam.Scanner{}, - unsplash.Scanner{}, - allsports.Scanner{}, - amadeus.Scanner{}, - ringcentral.Scanner{}, - pixabay.Scanner{}, - youneedabudget.Scanner{}, - languagelayer.Scanner{}, - gengo.Scanner{}, - aylien.Scanner{}, - shutterstock.Scanner{}, - hereapi.Scanner{}, - readme.Scanner{}, - pastebin.Scanner{}, - vatlayer.Scanner{}, - verifier.Scanner{}, - graphhopper.Scanner{}, - scraperapi.Scanner{}, - ritekit.Scanner{}, - linkpreview.Scanner{}, - dotmailer.Scanner{}, - api2cart.Scanner{}, - virustotal.Scanner{}, - numverify.Scanner{}, - pdflayer.Scanner{}, - geocode.Scanner{}, - iconfinder.Scanner{}, - // m3o.Scanner{}, - mesibo.Scanner{}, - impala.Scanner{}, - besttime.Scanner{}, - currencyfreaks.Scanner{}, - humanity.Scanner{}, - loginradius.Scanner{}, - stockdata.Scanner{}, - flatio.Scanner{}, - openuv.Scanner{}, - snipcart.Scanner{}, - screenshotapi.Scanner{}, - cryptocompare.Scanner{}, - happyscribe.Scanner{}, - geocodify.Scanner{}, - bombbomb.Scanner{}, - serpstack.Scanner{}, - zenserp.Scanner{}, - restpackscreenshotapi.Scanner{}, - shortcut.Scanner{}, - // nasdaqdatalink.Scanner{}, - neutrinoapi.Scanner{}, - bitmex.Scanner{}, - deepai.Scanner{}, - host.Scanner{}, - pdfshift.Scanner{}, - fetchrss.Scanner{}, - proxycrawl.Scanner{}, - storecove.Scanner{}, - fileio.Scanner{}, - coinapi.Scanner{}, - stytch.Scanner{}, - signupgenius.Scanner{}, - streak.Scanner{}, - route4me.Scanner{}, - openai.Scanner{}, - opencagedata.Scanner{}, - positionstack.Scanner{}, - upcdatabase.Scanner{}, - commodities.Scanner{}, - glassnode.Scanner{}, - optimizely.Scanner{}, - censys.Scanner{}, - scraperbox.Scanner{}, - ticketmaster.Scanner{}, - iexcloud.Scanner{}, - partnerstack.Scanner{}, - qubole.Scanner{}, - poloniex.Scanner{}, - shipday.Scanner{}, - stitchdata.Scanner{}, - hiveage.Scanner{}, - technicalanalysisapi.Scanner{}, - smartystreets.Scanner{}, - shutterstockoauth.Scanner{}, - newscatcher.Scanner{}, - postageapp.Scanner{}, - unplugg.Scanner{}, - paymongo.Scanner{}, - flightapi.Scanner{}, - countrylayer.Scanner{}, - veriphone.Scanner{}, - ipinfodb.Scanner{}, - mediastack.Scanner{}, - screenshotlayer.Scanner{}, - userstack.Scanner{}, - edenai.Scanner{}, - urlscan.Scanner{}, - zenscrape.Scanner{}, - // dailyco.Scanner{}, - nicereply.Scanner{}, - // hive.Scanner{}, - clustdoc.Scanner{}, - scrapingant.Scanner{}, - kickbox.Scanner{}, - scrapeowl.Scanner{}, - rebrandly.Scanner{}, - dandelion.Scanner{}, - purestake.Scanner{}, - carboninterface.Scanner{}, - signaturit.Scanner{}, - blitapp.Scanner{}, - restpackhtmltopdfapi.Scanner{}, - webscraping.Scanner{}, - geoapify.Scanner{}, - dfuse.Scanner{}, - gitter.Scanner{}, - autopilot.Scanner{}, - aletheiaapi.Scanner{}, - intrinio.Scanner{}, - aviationstack.Scanner{}, - scrapestack.Scanner{}, - restpack.Scanner{}, - cloverly.Scanner{}, - thinkific.Scanner{}, - meaningcloud.Scanner{}, - skybiometry.Scanner{}, - appfollow.Scanner{}, - abuseipdb.Scanner{}, - squareup.Scanner{}, - zipbooks.Scanner{}, - roaring.Scanner{}, - signalwire.Scanner{}, - weatherbit.Scanner{}, - textmagic.Scanner{}, - telnyx.Scanner{}, - calorieninja.Scanner{}, - vyte.Scanner{}, - walkscore.Scanner{}, - planyo.Scanner{}, - zipapi.Scanner{}, - mailsac.Scanner{}, - unifyid.Scanner{}, - worldweather.Scanner{}, - strava.Scanner{}, - autodesk.Scanner{}, - serphouse.Scanner{}, - paralleldots.Scanner{}, - semaphore.Scanner{}, - nylas.Scanner{}, - weatherstack.Scanner{}, - ipquality.Scanner{}, - blazemeter.Scanner{}, - cicero.Scanner{}, - onedesk.Scanner{}, - bugherd.Scanner{}, - whoxy.Scanner{}, - smooch.Scanner{}, - apifonica.Scanner{}, - goodday.Scanner{}, - getsandbox.Scanner{}, - freshdesk.Scanner{}, - teamworkdesk.Scanner{}, - tallyfy.Scanner{}, - apimatic.Scanner{}, - boostnote.Scanner{}, - freshbooks.Scanner{}, - cashboard.Scanner{}, - thousandeyes.Scanner{}, - zenkitapi.Scanner{}, - sherpadesk.Scanner{}, - shotstack.Scanner{}, - luno.Scanner{}, - apacta.Scanner{}, - fmfw.Scanner{}, - courier.Scanner{}, - checkvist.Scanner{}, - invoiceocean.Scanner{}, - travelpayouts.Scanner{}, - mixmax.Scanner{}, - cloze.Scanner{}, - supernotesapi.Scanner{}, - fastforex.Scanner{}, - sirv.Scanner{}, - teamworkcrm.Scanner{}, - geckoboard.Scanner{}, - appsynergy.Scanner{}, - findl.Scanner{}, - simplynoted.Scanner{}, - pandascore.Scanner{}, - gocanvas.Scanner{}, - formio.Scanner{}, - livestorm.Scanner{}, - // manifest.Scanner{}, - formbucket.Scanner{}, - dronahq.Scanner{}, - webscraper.Scanner{}, - versioneye.Scanner{}, - rownd.Scanner{}, - diffbot.Scanner{}, - nozbeteams.Scanner{}, - pipedream.Scanner{}, - paymoapp.Scanner{}, - peopledatalabs.Scanner{}, - mite.Scanner{}, - mindmeister.Scanner{}, - deputy.Scanner{}, - eagleeyenetworks.Scanner{}, - sigopt.Scanner{}, - lendflow.Scanner{}, - meistertask.Scanner{}, - mrticktock.Scanner{}, - beebole.Scanner{}, - theoddsapi.Scanner{}, - oanda.Scanner{}, - scrapfly.Scanner{}, - kanban.Scanner{}, - upwave.Scanner{}, - ditto.Scanner{}, - buddyns.Scanner{}, - checio.Scanner{}, - kucoin.Scanner{}, - eightxeight.Scanner{}, - avazapersonalaccesstoken.Scanner{}, - selectpdf.Scanner{}, - madkudu.Scanner{}, - borgbase.Scanner{}, - cliengo.Scanner{}, - swiftype.Scanner{}, - viewneo.Scanner{}, - planviewleankit.Scanner{}, - cloudimage.Scanner{}, - worksnaps.Scanner{}, - caspio.Scanner{}, - caflou.Scanner{}, - enablex.Scanner{}, - checklyhq.Scanner{}, - teamworkspaces.Scanner{}, - cloudelements.Scanner{}, - uploadcare.Scanner{}, - moderation.Scanner{}, - myintervals.Scanner{}, - klipfolio.Scanner{}, - flightstats.Scanner{}, - sendbird.Scanner{}, - cexio.Scanner{}, - repairshopr.Scanner{}, - metaapi.Scanner{}, - aeroworkflow.Scanner{}, - column.Scanner{}, - sugester.Scanner{}, - sendbirdorganizationapi.Scanner{}, - chatfule.Scanner{}, - convier.Scanner{}, - loadmill.Scanner{}, - magicbell.Scanner{}, - apitemplate.Scanner{}, - knapsackpro.Scanner{}, - twitterv1.Scanner{}, - twitterv2.Scanner{}, - timecamp.Scanner{}, - signable.Scanner{}, - teletype.Scanner{}, - wistia.Scanner{}, - hybiscus.Scanner{}, - miro.Scanner{}, - moonclerk.Scanner{}, - codequiry.Scanner{}, - qase.Scanner{}, - extractorapi.Scanner{}, - craftmypdf.Scanner{}, - // generic.Scanner{}, - userflow.Scanner{}, - mockaroo.Scanner{}, - statuspage.Scanner{}, - statuspal.Scanner{}, - testingbot.Scanner{}, - conversiontools.Scanner{}, - parsers.Scanner{}, - scrutinizerci.Scanner{}, - sonarcloud.Scanner{}, - dareboost.Scanner{}, - pinata.Scanner{}, - exportsdk.Scanner{}, - rechargepayments.Scanner{}, - browserstack.Scanner{}, - lunchmoney.Scanner{}, - atera.Scanner{}, - parsehub.Scanner{}, - voodoosms.Scanner{}, - yelp.Scanner{}, - podio.Scanner{}, - rockset.Scanner{}, - aha.Scanner{}, - packagecloud.Scanner{}, - cloudsmith.Scanner{}, - nightfall.Scanner{}, - mux.Scanner{}, - statuscake.Scanner{}, - formcraft.Scanner{}, - paperform.Scanner{}, - zulipchat.Scanner{}, - iexapis.Scanner{}, - detectify.Scanner{}, - reachmail.Scanner{}, - gumroad.Scanner{}, - typetalk.Scanner{}, - chartmogul.Scanner{}, - fibery.Scanner{}, - uptimerobot.Scanner{}, - paydirtapp.Scanner{}, - disqus.Scanner{}, - bulksms.Scanner{}, - onesignal.Scanner{}, - stormboard.Scanner{}, - interseller.Scanner{}, - tickettailor.Scanner{}, - twitch.Scanner{}, - rentman.Scanner{}, - tefter.Scanner{}, - pollsapi.Scanner{}, - diggernaut.Scanner{}, - zenrows.Scanner{}, - instabot.Scanner{}, - simfin.Scanner{}, - vbout.Scanner{}, - besnappy.Scanner{}, - convertapi.Scanner{}, - cloudconvert.Scanner{}, - zipcodebase.Scanner{}, - speechtextai.Scanner{}, - databox.Scanner{}, - postbacks.Scanner{}, - postgres.Scanner{}, - collect2.Scanner{}, - uclassify.Scanner{}, - holistic.Scanner{}, - tokeet.Scanner{}, - duply.Scanner{}, - gtmetrix.Scanner{}, - braintreepayments.Scanner{}, - docparser.Scanner{}, - formsite.Scanner{}, - flightlabs.Scanner{}, - getresponse.Scanner{}, - codeclimate.Scanner{}, - apilayer.Scanner{}, - monkeylearn.Scanner{}, - parseur.Scanner{}, - honeycomb.Scanner{}, - demio.Scanner{}, - kanbantool.Scanner{}, - salesmate.Scanner{}, - lemlist.Scanner{}, - websitepulse.Scanner{}, - scalr.Scanner{}, - ecostruxureit.Scanner{}, - appointedd.Scanner{}, - twist.Scanner{}, - prodpad.Scanner{}, - transferwise.Scanner{}, - codemagic.Scanner{}, - mongodb.Scanner{}, - ngc.Scanner{}, - gemini.Scanner{}, - digitaloceanv2.Scanner{}, - npmtoken.Scanner{}, - npmtokenv2.Scanner{}, - sqlserver.Scanner{}, - redis.Scanner{}, - ftp.Scanner{}, - ldap.Scanner{}, - shopify.Scanner{}, - etherscan.Scanner{}, - infura.Scanner{}, - alchemy.Scanner{}, - blocknative.Scanner{}, - moralis.Scanner{}, - bscscan.Scanner{}, - percy.Scanner{}, - tineswebhook.Scanner{}, - pulumi.Scanner{}, - databrickstoken.Scanner{}, - supabasetoken.Scanner{}, - nugetapikey.Scanner{}, - aiven.Scanner{}, - prefect.Scanner{}, - buildkitev2.Scanner{}, - opsgenie.Scanner{}, - dockerhubv1.Scanner{}, - couchbase.Scanner{}, - envoyapikey.Scanner{}, - github_oauth2.Scanner{}, - snowflake.Scanner{}, - huggingface.Scanner{}, - trufflehogenterprise.Scanner{}, - salesforce.Scanner{}, - sourcegraph.Scanner{}, - tailscale.Scanner{}, - loggly.Scanner{}, - web3storage.Scanner{}, - &ramp.Scanner{}, - &anthropic.Scanner{}, - &sourcegraphcody.Scanner{}, - voiceflow.Scanner{}, - ip2location.Scanner{}, - grafanaserviceaccount.Scanner{}, - vagrantcloudpersonaltoken.Scanner{}, - openvpn.Scanner{}, - &metabase.Scanner{}, - appoptics.Scanner{}, - zerotier.Scanner{}, - betterstack.Scanner{}, - coinbase_waas.Scanner{}, - replyio.Scanner{}, - stripo.Scanner{}, - lemonsqueezy.Scanner{}, - denodeploy.Scanner{}, - budibase.Scanner{}, - requestfinance.Scanner{}, - coda.Scanner{}, - grafana.Scanner{}, - logzio.Scanner{}, - eventbrite.Scanner{}, - &overloop.Scanner{}, - ngrok.Scanner{}, - replicate.Scanner{}, - privacy.Scanner{}, - instamojo.Scanner{}, - klaviyo.Scanner{}, - portainer.Scanner{}, - rabbitmq.Scanner{}, - planetscale.Scanner{}, - portainertoken.Scanner{}, - pagarme.Scanner{}, - planetscaledb.Scanner{}, - azure.Scanner{}, - azurestorage.Scanner{}, - azurecontainerregistry.Scanner{}, - azurebatch.Scanner{}, - // azurefunctionkey.Scanner{}, // detector is throwing some FPs - azuredevopspersonalaccesstoken.Scanner{}, - azuresearchadminkey.Scanner{}, - azuresearchquerykey.Scanner{}, - googleoauth2.Scanner{}, - dockerhubv2.Scanner{}, - &jupiterone.Scanner{}, - gcpapplicationdefaultcredentials.Scanner{}, - wiz.Scanner{}, - onfleet.Scanner{}, - intra42.Scanner{}, - groq.Scanner{}, - twitterconsumerkey.Scanner{}, - eraser.Scanner{}, - larksuite.Scanner{}, - larksuiteapikey.Scanner{}, - endorlabs.Scanner{}, - atlassianv1.Scanner{}, - atlassianv2.Scanner{}, - netsuite.Scanner{}, - box.Scanner{}, - robinhoodcrypto.Scanner{}, - nvapi.Scanner{}, - railwayapp.Scanner{}, - meraki.Scanner{}, - saladcloudapikey.Scanner{}, - boxoauth.Scanner{}, - apimetrics.Scanner{}, - captainDataV1.Scanner{}, - captainDataV2.Scanner{}, - } - - // Remove keywords that cause lots of false positives - exclusions := []string{ - "AKIA", "SG.", "pat", "token", "gh", "github", "sql", "database", "http", "key", "api-", "sdk-", "float", "-us", "gh", "pat", "token", "sid", "http", "private", "key", "segment", "close", "protocols", "verifier", "box", "privacy", "dm", "sl.", "vf", "flat", - } - - // Create a map of keywords - keywords := map[string]struct{}{} - - // Get all Keywords() from each detector - for _, detector := range detectorList { - for _, keyword := range detector.Keywords() { - keywords[strings.ToLower(keyword)] = struct{}{} - } - } - - // Remove exclusions from the default keyword list - for _, exclusion := range exclusions { - delete(keywords, strings.ToLower(exclusion)) - } - return keywords -} From 68045e514fff14109ac922443d2abc3e889ec773 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Fri, 15 Nov 2024 09:57:53 -0500 Subject: [PATCH 14/15] small updates --- pkg/handlers/apk.go | 53 +++++++++++++++++++++++++-------------------- 1 file changed, 30 insertions(+), 23 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 1f565557d595..5c68f5c1a73c 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -268,6 +268,7 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, e func (h *apkHandler) processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { // dextk.Read() requires an io.ReaderAt interface dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr)) + //dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr), dextk.WithReadCache(16)) if err != nil { return nil, err } @@ -278,6 +279,7 @@ func (h *apkHandler) processDexFile(ctx logContext.Context, rdr io.ReadCloser) ( for ci.HasNext() { node, err := ci.Next() if err != nil { + ctx.Logger().Error(err, "failed to process a dex class") break } h.processDexClass(ctx, dexReader, node, &dexOutput) @@ -304,12 +306,9 @@ func (h *apkHandler) processDexClass(ctx logContext.Context, dexReader *dextk.Re foundKeywords := h.keywordMatcher.FindKeywords(classOutput.Bytes()) // For each found keyword, create a keyword:value pair and append to dexOutput - var keyValuePairs bytes.Buffer for str := range methodValues { for _, keyword := range foundKeywords { - keyValuePairs.Reset() - keyValuePairs.WriteString(keyword + ":" + str + "\n") - dexOutput.Write(keyValuePairs.Bytes()) + dexOutput.WriteString(keyword + ":" + str + "\n") } } } @@ -318,49 +317,56 @@ func (h *apkHandler) processDexClass(ctx logContext.Context, dexReader *dextk.Re // handles errors, and writes the output to dexOutput. func processDexMethod(ctx logContext.Context, dexReader *dextk.Reader, methods []dextk.MethodNode, classOutput *bytes.Buffer, methodValues map[string]struct{}) { for _, method := range methods { - s, values, err := parseDexInstructions(dexReader, method) + s, err := parseDexInstructions(dexReader, method, methodValues) if err != nil { ctx.Logger().V(2).Info("failed to process dex method", "error", err) continue } classOutput.Write(s.Bytes()) - for val := range values { - methodValues[val] = struct{}{} - } } } // parseDexInstructions processes a dex method and returns the string representation of the instruction -func parseDexInstructions(r *dextk.Reader, m dextk.MethodNode) (*bytes.Buffer, map[string]struct{}, error) { - var s bytes.Buffer - values := make(map[string]struct{}) +func parseDexInstructions(r *dextk.Reader, m dextk.MethodNode, methodValues map[string]struct{}) (*bytes.Buffer, error) { + var instrBuf bytes.Buffer if m.CodeOff == 0 { - return &s, values, nil + return &instrBuf, nil } c, err := r.ReadCodeAndParse(m.CodeOff) if err != nil { - return &s, values, err + return &instrBuf, err } // Iterate over the instructions and extract the relevant values for _, o := range c.Ops { oStr := o.String() - // Filter out instructions that are not in our targetInstructionTypes - parsedVal := formatAndFilterInstruction(oStr) - if parsedVal == "" { + + instructionType := getInstructionType(oStr) + if instructionType == "" { continue } - // If instruction is a const-string, then store as in values map - // this is used when creating keyword:value pairs in processDexClass() - if strings.HasPrefix(oStr, stringInstructionType) { - values[parsedVal] = struct{}{} + + val := formatAndFilterInstruction(oStr) + if val != "" { + instrBuf.WriteString(val + "\n") + if instructionType == stringInstructionType { + methodValues[val] = struct{}{} + } } - // Write the parsedVal to the buffer - s.WriteString(parsedVal) } - return &s, values, nil + return &instrBuf, nil +} + +// getInstructionType checks for specific target instructions +func getInstructionType(instruction string) string { + for _, t := range targetInstructionTypes { + if strings.HasPrefix(instruction, t) { + return t + } + } + return "" } // formatAndFilterInstruction looks for a match to our regex and returns it @@ -381,6 +387,7 @@ func decodeXML(rdr io.ReadCloser, resTable *apkparser.ResourceTable) (io.Reader, bufRdr := iobuf.NewBufferedReaderSeeker(rdr) // Create a buffer to store the formatted XML data + // Note: in the future, consider a custom writer that spills to disk if the buffer gets too large var buf bytes.Buffer enc := xml.NewEncoder(&buf) From 7404d53a33646abe74e0653bb201b94d7a674095 Mon Sep 17 00:00:00 2001 From: Joe Leon Date: Fri, 15 Nov 2024 11:37:24 -0500 Subject: [PATCH 15/15] refactored for dextk.WithReadCache() --- pkg/handlers/apk.go | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkg/handlers/apk.go b/pkg/handlers/apk.go index 5c68f5c1a73c..c83665522189 100644 --- a/pkg/handlers/apk.go +++ b/pkg/handlers/apk.go @@ -166,7 +166,7 @@ func (h *apkHandler) processFile(ctx logContext.Context, file *zip.File, resTabl return fmt.Errorf("failed to decode xml file %s: %w", file.Name, err) } case ".dex": - contentReader, err = h.processDexFile(ctx, rdr) + contentReader, err = h.processDexFile(ctx, iobuf.NewBufferedReaderSeeker(rdr)) if err != nil { return fmt.Errorf("failed to decode dex file %s: %w", file.Name, err) } @@ -265,10 +265,8 @@ func extractStringsFromResTable(resTable *apkparser.ResourceTable) (io.Reader, e } // processDexFile decodes the dex file and returns the relevant instructions -func (h *apkHandler) processDexFile(ctx logContext.Context, rdr io.ReadCloser) (io.Reader, error) { - // dextk.Read() requires an io.ReaderAt interface - dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr)) - //dexReader, err := dextk.Read(iobuf.NewBufferedReaderSeeker(rdr), dextk.WithReadCache(16)) +func (h *apkHandler) processDexFile(ctx logContext.Context, rdr io.ReaderAt) (io.Reader, error) { + dexReader, err := dextk.Read(rdr, dextk.WithReadCache(16)) if err != nil { return nil, err }